Security threats Toolkit

Keeping security in check

John Verry

Published: 11 Oct 2005 14:30 BST


...our respective lawyers, we reached a consensus that we would continue the ethical hack to ascertain whether another bank could potentially take the same actions that we did, but that we would make every effort practical to ensure that we did not breach another ASP client's confidentiality.

With our foot already planted within the ASP infrastructure, we set out on behalf of BC to see if their data was at risk from another hosted bank. The ASP had done a good job of segregating its clients from each other. Via ICMP ping sweeps we could confirm the existence of duplicate infrastructures for dozens of other banks. We attempted to enumerate other clients' hosted servers on the ASP network, but to our disappointment, all we could do was ping them.

Fortunately, one of our Test Team members came up with the clever idea of writing and deploying a quick script that would feed periodic netstat output back to the console we were sitting at. Netstat is a command-line utility, available on Windows and Unix-like systems alike, that displays active TCP connections and the ports a computer is listening on. A listening port on its own tells you nothing about who talks to it, but an established connection exposes the remote peer's address. We had noted several "interesting" ports that multiple systems were listening on, and our hope was that we might catch a connection in progress.
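The polling idea above, as an added example that is not the Test Team's script (the article does not reproduce theirs): parse `netstat -an` output on each poll, keep only ESTABLISHED connections to a set of watched local ports, and report a remote address the first time it appears from a network we do not already know about. The port numbers, the "known" networks and the netstat snapshots are constructed for the example.

```python
"""Poll netstat and flag peers that connect to watched ports from unknown networks.

Added example, not the Test Team's script. It parses `netstat -an`-style
output (Windows and Linux layouts), keeps the ESTABLISHED connections to a
set of "interesting" local ports, and reports a remote address the first time
it appears from a network we do not already know about. Ports, networks and
the sample netstat output are constructed.
"""
import ipaddress
import re
import subprocess
import time

# Ports several hosts were listening on (constructed values).
WATCHED_PORTS = {1433, 3389, 8080}

# Networks we already knew about: the client's segment and our own test box
# (constructed). Peers from anywhere else are what we want to catch.
KNOWN_NETWORKS = [ipaddress.ip_network("10.20.0.0/16"),
                  ipaddress.ip_network("172.16.5.0/24")]

# One regex for both layouts:
#   Windows: "  TCP    10.20.1.15:1433   10.20.1.40:49211   ESTABLISHED"
#   Linux:   "tcp   0   0 10.20.1.15:22   192.168.77.3:40112   ESTABLISHED"
# Listening sockets show "*" or "0" as the foreign port; the former never
# matches and the latter is dropped by the state filter below.
LINE_RE = re.compile(
    r"^\s*(?:TCP|tcp6?)\s+(?:\d+\s+\d+\s+)?"
    r"(?P<laddr>\S+):(?P<lport>\d+)\s+"
    r"(?P<raddr>\S+):(?P<rport>\d+)\s+"
    r"(?P<state>[A-Z_]+)")


def parse_netstat(text):
    """Return (local_ip, local_port, remote_ip, state) tuples for TCP lines."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            rows.append((m["laddr"], int(m["lport"]), m["raddr"], m["state"]))
    return rows


def new_peers(text, seen, watched=WATCHED_PORTS, known=KNOWN_NETWORKS):
    """Return [(remote_ip, local_port)] for peers not reported before.

    `seen` is the set of remote IPs already reported; it is updated in place so
    that successive polls only surface genuinely new addresses.
    """
    hits = []
    for _laddr, lport, raddr, state in parse_netstat(text):
        if state != "ESTABLISHED" or lport not in watched:
            continue
        try:
            rip = ipaddress.ip_address(raddr)
        except ValueError:       # e.g. a hostname netstat resolved for us
            continue
        if rip in seen or any(rip in net for net in known):
            continue
        seen.add(rip)
        hits.append((rip, lport))
    return hits


# Constructed netstat snapshots standing in for successive polls.
SAMPLE_POLLS = [
    # Poll 1: only connections from networks we already know.
    "Active Connections\n\n"
    "  Proto  Local Address          Foreign Address        State\n"
    "  TCP    0.0.0.0:1433           0.0.0.0:0              LISTENING\n"
    "  TCP    10.20.1.15:1433        10.20.1.40:49211       ESTABLISHED\n"
    "  TCP    10.20.1.15:3389        172.16.5.9:51022       ESTABLISHED\n",
    # Poll 2: a peer from an unfamiliar network hits a watched port.
    "  TCP    10.20.1.15:1433        10.20.1.40:49211       ESTABLISHED\n"
    "  TCP    10.20.1.15:8080        192.168.77.3:40112     ESTABLISHED\n"
    "  TCP    10.20.1.15:3389        172.16.5.9:51022       ESTABLISHED\n",
    # Poll 3: the same peer is still connected; it must not be reported twice.
    "  TCP    10.20.1.15:8080        192.168.77.3:40112     ESTABLISHED\n",
]


def replay(polls):
    """Feed recorded snapshots through new_peers() as if they were live polls."""
    seen = set()
    hits = []
    for snapshot in polls:
        hits.extend(new_peers(snapshot, seen))
    return hits


def run_netstat():
    """Capture the current `netstat -an` output (Windows and Linux)."""
    return subprocess.run(["netstat", "-an"], capture_output=True,
                          text=True, check=False).stdout


def watch(interval=60):
    """Poll forever, printing each new peer as it is caught mid-connection."""
    seen = set()
    while True:
        for rip, lport in new_peers(run_netstat(), seen):
            print(f"{time.strftime('%H:%M:%S')} new peer {rip} -> local port {lport}")
        time.sleep(interval)


if __name__ == "__main__":
    for rip, lport in replay(SAMPLE_POLLS):
        print(f"replay: new peer {rip} -> local port {lport}")
    # watch()  # uncomment on the monitored host to poll live
```

Run on the monitored host, `watch()` does what the Test Team's script did: every poll it reports only peers it has not seen before, so a long-lived management connection from an unfamiliar network shows up once, with the local port it hit. The poll interval is the obvious blind spot; a connection shorter than the interval is missed, which is why the team had to wait an hour for a hit.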

After an hour or so, we observed a connection to one of the boxes we were watching from a network we had not previously been aware of. Fingers crossed, we attempted to telnet to the newfound IP address, with no success. Our second attempt, a Secure Shell (SSH) connection to the box, was more promising: we were challenged for a username/password combination. As you likely guessed, "administrator"/"ASP" put us on the box with root privilege.

It was a Linux system running Little Brother, an open-source network-monitoring tool that was monitoring all of the ASP's clients. We SSH'd from the Little Brother box into another hosted bank's network, and were not surprised to find that the "administrator"/"ASP" combination was...

