Your worst security blunder
Author: Wi1d Posted: Fri Sep 02, 2005 7:44 am    Post subject:
Many many moons ago I had heard of this cool OS called Linux and decided to try it out. I went to the book store and found one of those foot deep books that comes with a copy of Red Hat and promised I'd learn in 24 (hours | days) or something like that.

Well I read the book and installed the OS. Unfortunately it was version 3.0.3 and the latest version was 5.0, Hurricane if I remember right, and I didn't get to the part of the book about updating the OS quick enough before I got rooted.

Author: chiawaikian Posted: Wed Oct 05, 2005 10:34 am    Post subject:
Letting a teenager use my computer without supervision in an admin account.

Author: graycat Location: London, UK Posted: Tue Oct 11, 2005 1:51 pm    Post subject:
Not so much of a security blunder but more of a blonde moment:

Remote desktopping to our main file server, did what I had to do and went to log off ....... but missed and went with shutdown! Shocked oops Very Happy lol

I'm glad to say I'm not the only person to have done that .... even our expensive "support company" managed to shut down not only the file server but the exchange server too Very Happy lol

I've since added the log off button for my profile Wink

Author: tepster Posted: Mon Dec 05, 2005 11:22 pm    Post subject:
Well, from the age of 10 I've been living in a university halls of residence, as my mum manages the hall. All the networks are restricted, and don't allow important downloads such as security downloads, Windows Update, even MSN Messenger. Only the administrator can log on and allow these updates. Anyway, back when I was cocky, I asked the administrator to set up Steam for me, but left a keylogger in the background. So when he left, I had the administrator details. I went on a downloading spree, and downloaded a cryptography program for my computer which needed port 23 open. So I did this, then forgot to close it afterwards. The whole network got rooted and took ages to set back up. Although I never got caught, I was deprived of the internet for about two weeks Sad

Author: PSTUBb Posted: Tue Jan 24, 2006 2:48 am    Post subject:
I usually don't do anything without finding out a hell of a lot about it first, but sometimes I just can't not try something lol. Like when I found out Alt+F4 doesn't launch a cool game lol. (hey c'mon! just do it!) Also back when I wasn't into security as much, just your average user I guess you could say back then.

I was at someone else's house, and he wanted me to log on to MSN. He had just told me about how he got his friend's password by making him type it in the username box.

So as I'm typing my password, I am staring at him to make sure he is not looking. Meanwhile he has clicked inside the username box.

I felt so stupid!

Author: GroundControl Posted: Tue May 16, 2006 1:29 pm    Post subject:
Several years ago on my Win2K box, late at night, me and a bottle of wine browsed the mass-downloads from usenet (pictures, from an alt.binaries...-source, you know?).
At that time I had a dozen years' experience in computer science, I also already had my master's degree in computer science and I felt fairly confident with that time's security issues.

However, the binary-download usenet browser I used ran fullscreen and I did not notice the scrollbar on the bottom, when I double-clicked the .jpg file with that very, very long name that ended with .jpg at the rightmost end of my window and *panic* my Norton popped up a window that he just blocked a virus executable and quarantined that file.

What the heck...? Oh, well... it did not end with .jpg but with .jpg.exe, just the .exe was exactly outside the window, thus me not noticing the scrollbar accidentally "hiding" the .exe suffix from me.

OK, nothing bad had happened but when something passes your own attention and only the second perimeter of defence blocks the attack, you feel like being tricked out anyway.

From that time on I stopped to work on the internet or on downloads for the first time when I enjoy wine or feel tired. I doubled the level of attention I spend on my own action and swore to myself that this is not allowed to happen again.

Up to now, it didn't.

Author: Xif Posted: Fri Oct 27, 2006 12:13 pm    Post subject: Open port 23 + 80
Yeah me and my friends used to hack each other's computers for fun, and I left the ports 80 and 23 on my old Win 98 computer open for something like 2 weeks. Nothing happened, except I kept getting hacked by my friend, again and again. I finally realised my error, and closed the ports.

Yeah, not too bad, but it's still a screw-up.

Author: lm Posted: Tue Jun 12, 2007 9:24 pm    Post subject: Hacked
My worst blunder happened when I first got out of college. I got hired by this media company to set up a web site and do some other stuff. I set up a Microsoft IIS box (lol) and promptly drove it over to the co-location place. They stuck it in a rack and plugged it in, sans firewall.

About 10 hours later, the Nimda worm owned the box. One of my friends emailed me a link to the company web site (fortunately I got this email before my boss found out). When I loaded the company web page, I got a nice greeting "HACKED BY CHINESE!!"

I was a head-in-the-sand IIS admin.


Author: SteelValor Location: Central New York Posted: Wed Jun 13, 2007 4:36 pm    Post subject:
1) I've locked myself out of MySQL before ... twice
2) In my infancy you could fail my login checks and then hit refresh and be granted a session. Surprised lmao oops

Author: Dalt Posted: Tue Mar 18, 2008 1:55 pm    Post subject:
Knowing that my USB drive had worms, viruses and other stuff I plugged it into my notebook. After this I could not turn on my machine Laughing

Author: D1g1t Posted: Wed Feb 04, 2009 5:19 pm    Post subject:
Good thread Smile

I have recently lost a flash drive that contained my icq, msn, and gmail clients with all contacts, history and auto-login

Embarassed Embarassed Embarassed

I was running home very fast, to change all my passwords to everything Smile

Author: andybase Posted: Tue Nov 24, 2009 1:39 pm    Post subject: Linux is not safe
There are viruses for Linux too.

Author: KNOWLEDGE464 Posted: Wed Nov 25, 2009 1:04 am    Post subject:
Well, in my beginning years I was a Kazaa user and always downloaded everything to do with music. This was back in 2000 I think, this was a great time for worm viruses, and well I so happened to get the loveletter virus and my account information stolen Shocked classic oops and well Norton then and still now sucks, didn't catch it, and well I lost 1500.00 in purchases to some websites I never heard of

Bright side: I never used Kazaa again, and second, got a fix .bat file and removed the virus and all its wonderful exe files it created, and I learned a lot about worm variants, and also with a nice phone call to the bank and a letter on the virus information and what it stole I got my money back and bought a civic, sweet Very Happy

In the present date, this was not me but a user on my network. Before we went corporate and got bought by a big time company we had a network that was crap, and I happened to walk into a job security location where the IT director himself designed the network LOL, what a spaghetti bowl of cable and weak switches connected to a small home firewall and blah blah, you get my drift, it was NUB network design 101 full of 10MB connections, partitioned magic RAID 5 servers, and bottlenecks. And well a user surfing the web got a popup said you have 204 viruses on your computer click here and remove LMAO they clicked it.... and kissed their desktop access and wallpaper goodbye and hello owned by malware LOL I got rid of the junk and backdoor exe folder with loads of exe's waiting for someone to use them LOL it was good times.

Author: ryansutton Location: San Francisco, California Posted: Wed Nov 25, 2009 2:06 am    Post subject:
Surprised I never commented on this thread...

Some ID 10 T errors I caused:
Running the wrong command on our PIX firewall and bringing down the internet.
I was remotely logged in to a server and I accidentally restarted the server thinking it was my own (local) machine.
Set up an internet-facing server without applying proper security - it promptly got owned.

Author: AdamV Location: Leeds, UK Posted: Wed Nov 25, 2009 5:23 pm    Post subject:
That's one hell of a command!
Please don't ever key in commands to a military computer...

Author: Nonapeptide Location: Scottsdale, Arizona Posted: Thu Nov 26, 2009 12:48 am    Post subject:
Really simple one for me: I seem to recall walking out of the server room and holding the door open for someone that I didn't know. It was a small enough IT department to where I knew everyone there... but I thought he was a contractor and "surely he belonged there..."

Fortunately he really did belong there, but that was one very stupid thing for me to do. Lesson learned.

