U.S. Army Web Server Attacked Security experts say that the new Windows vulnerability revealed Monday by Microsoft Corp. has been used by crackers to attack at least one machine belonging to the U.S. Army. And, it turns out, the flaw used to attack the Web server was discovered not by Microsoft or an independent researcher, but by the attacker himself.
Experts at TruSecure Corp., based in Herndon, Va., received word of the attack on the Army's Web server last week through contacts within the Army. A Web server was attacked using a URL that was 4KB in length, and the machine was subsequently compromised. The server then immediately began mapping the network around it, looking for other vulnerable machines and seeing what else of interest was within reach. It then started sending the results of its mapping to a remote machine through TCP port 3389 using terminal services, said Russ Cooper, surgeon general at TruSecure. http://eletters1.ziffdavis.com/cgi-bin10/flo/y/eUNr0Fj6Xx0DUm0vM10Am ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=5 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=5 Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5
