Electronic Books

498
Practical Hacking Techniques and Countermeasures
The attacker will of course remove this file, but for this lab I simply opened
it. As you will notice the Administrator password is listed in the file.
*Note: Although this lab requires local access to the computer, take a good look the
next time you walk around the office and notice the unlocked workstations
just sitting there with no one at the desk. Better yet, take a look at all the
computers at your local computer store. They are all unlocked by default and
many of them allow anyone to execute anything he or she wants. Many
computer stores simply assume that if they do not allow Internet access they
are alright, but that is not so.
Vulnerability Scanning
499
Lab 74: Bypassing Microsoft Serial Numbers
Bypassing Serial Number Protection: RockXP/Custom Script
Prerequisites: None
Countermeasures: Frequent serial number verification, strong security
policy
Description: Like many other companies, Microsoft uses serial numbers
to protect its software from being handed out freely. Serial numbers
have a flaw as well because with the Internet these numbers can be
freely passed out to anyone. Because of this, Microsoft came up with
a verification process that validates the product key of the version of
Windows (XP) you are running before allowing you to download any
updates. Although several ???Crack??? versions have been released on the
Internet, many of them are corrupted or contain viruses or Trojan
horses and cannot be trusted.


Pages:
153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177