I'm not jumping into the argument one way or another as I have virtually no
knowledge of NT and am not in a position to comment on the NT vs. UNIX
argument, so please keep your flames to yourself. However, here is some
info posted on ZDNet at
http://www.zdnet.com/pcweek/stories/news/0,4153,2277295,00.html that may be
of interest:
Security firm exposes Windows NT vulnerability
By Brett Glass, ZDNet News
June 16, 1999 3:44 PM ET
Nearly every Windows NT-based Web server on the Internet is vulnerable to a
newly discovered security hole that lets a malicious hacker take over the
server -- and, in some cases, the network to which it is attached -- says a
network security company.
According to the eEye Digital Security Team, it discovered the bug on June 6
when its Retina network security scanning software -- which automatically
employs techniques commonly used to break into computer systems -- succeeded
in crashing an NT server.
The engineers quickly realized that the bug could be exploited not only to
crash the NT machine but also to take it over completely.
According to eEye CEO Firas Bushnaq, the company supplied detailed
information about the bug to Microsoft Corp. (MSFT) on June 8. However, a
week later, said Bushnaq, the software giant had still not published a fix
and stopped responding to e-mail correspondence about the bug.
eEye released break-in code
Believing that Microsoft "was not giving the problem the attention it
deserved," eEye released not only a description of the hole but two working
demonstration programs that allow anyone to break into an NT server running
Internet Information Server 4.0. The break-in code appears to work on any
server from which a Web page can be retrieved, even if a firewall is
present.
eEye explained its decision to disclose the bug, and to publish a program
that lets anyone readily exploit it, in a brief note on its Web site.
"We are a full-disclosure security team," the note reads. "If our team
starts hiding the facts, we'll be no better than a software vendor that
rushes insecure products to market."
Microsoft not impressed
Microsoft, however, took exception to this philosophy.
"Responsible security companies do not provide tools that can be used to
attack innocent people," said Microsoft security manager Scott Culp.
Bushnaq, for his part, noted that a moderately skilled hacker, armed with
the knowledge that the bug existed, could easily craft a program to exploit
it in less than 2 hours.
On Tuesday evening, Microsoft published instructions describing how system
administrators could implement a temporary workaround for the problem.
Unfortunately, one side effect of the workaround is that users who upload
pages to the NT Web server cannot employ a Web-based mechanism to change
their expiring passwords, and thus may be left without access.
Microsoft's Culp said that a more permanent patch that does not have this
problem is in the works. Users can subscribe to a mailing list that
distributes bulletins about security problems, and remedies for them, by
following the instructions on the company's Web site.
The glitch is one of many that have plagued Windows NT and IIS. Microsoft
advises customers that a long list of steps, posted at its site, should be
taken whenever an NT/IIS machine is placed on the Net as a Web server.
These steps include disabling many NT features, such as POSIX compatibility,
and in some cases reformatting the machine's hard drives.
See more Sm@rt Reseller news.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
