[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] SAM Switch - Win2k/XP password-less login

To: "Schmehl, Paul L" <pauls@xxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] SAM Switch - Win2k/XP password-less login
From: Steve Ames <steve@xxxxxxxxxxxxxx>
Date: Thu, 25 Sep 2003 13:47:58 -0500

On Thu, Sep 25, 2003 at 11:34:40AM -0500, Schmehl, Paul L wrote:
> backdoor passwords "in case of emergency", and all BIOSes can be easily
> reset to default passwordless configuration.

Without knowing the password you couldn't put the password back 
correctly so it would be obvious that the BIOS had been reset. Doesn't
fix the problem by any means but does perhaps leave a track.

If your server reboots for no reason really you should have already
noticed that and wondered what was up.

-Steve

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] SAM Switch - Win2k/XP password-less login
  - From: Schmehl, Paul L

Prev by Date: [Full-Disclosure] Analysis of a Spam Trojan
Next by Date: [Full-Disclosure] RE: Possible new variant of Nachi
Previous by thread: RE: [Full-Disclosure] SAM Switch - Win2k/XP password-less login
Next by thread: [Full-Disclosure] DANGER: potentially broken f-prot updates
Index(es):
- Date
- Thread