Professional Documents
Culture Documents
Name Service Vulnerable Platforms Mechanism Time To Implement Effect
Name Service Vulnerable Platforms Mechanism Time To Implement Effect
Service
telnet,
Dictionary rlogin, pop,
imap, ftp
Ftp-write
ftp
Guest
telnet,
rlogin
Imap
imap
Named
dns
Phf
http
Sendmail
smtp
Xlock
Xsnoop
Vulnerable
Platforms
Mechanism
Time to
Implement
Effect
Abuse of Feature
Medium
User-level access
Misconfiguration
Short
User-level access
Misconfiguration
Short
User-level access
Bug
Short
Root Shell
Bug
Short
Root Shell
Bug
Short
Bug
Long
Misconfiguration
Medium
Misconfiguration
Short
All
All
All
Linux
Linux
All
Linux
All
All
Execute commands as
user http
Execute commands as
root
Spoof user to obtain
password
Monitor Keystrokes
remotely
Users typically do not choose good passwords, so an attacker who knows the
username of a particular user (or the names of all users) will attempt to gain access to this
users account by making guesses at possible passwords. Dictionary guessing can be
done with many services; telnet, ftp, pop, rlogin, and imap are the most prominent
services that support authentication using usernames and passwords. Figure 8-2 is a plot
of the connections made to the pop3 port of a victim machine during a dictionary attack
that is using the pop service to check for valid login/password combinations.
The
horizontal axis of this plot represents time in minutes, and each line segment in the plot is
a single connection to the pop3 service.
71