Monthly Archive: February 2000

Windows NT automatically logs in an administrator upon rebooting. Date published : 2000-02-04

A superfluous NFS server is running, but it is not importing or exporting any file systems. Date published : 2000-02-04

An SSH server allows authentication through the .rhosts file. Date published : 2000-02-04

The Windows NT guest account is enabled. Date published : 2000-02-04

A password for accessing a WWW URL is guessable. Date published : 2000-02-04

A trust relationship exists between two Unix hosts. Date published : 2000-02-04

A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc. Date published : 2000-02-04

A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness. Date published : 2000-02-04

A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase...

A DNS server allows inverse queries. Date published : 2000-02-04

A DNS server allows zone transfers. Date published : 2000-02-04

A system is operating in "promiscuous" mode which allows it to perform packet sniffing. Date published : 2000-02-04

A router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc. Date published : 2000-02-04

A router or firewall forwards external packets that claim to come from inside the network that the router/firewall is in front of. Date published : 2000-02-04