Win2k in "Beta" Security Testing
Mike Hudack Editor-in-Chief
It was only recently that Microsoft announced they were initiating a public security test of Windows 2000. Saying they wanted to make Windows 2000 their "most secure version of Windows ever," they launched windows2000test.com -- something of a hacker wargame at Microsoft's behest.
Contests such as this gained popularity years ago -- and quickly sank into the background. Past contests have offered monetary prizes and the like -- but Microsoft offers no such bounty. The experts with the capability to pierce this installation of Windows 2000 just aren't interested in these contests.
Bugtraq, Slashdot and other security discussion forums were awash with discussion of the testing -- was Microsoft finally getting serious about security? The most important question was, however, whether this was an "off the shelf" installation or a heavily modified installation? The answer wasn't immediately apparent.
When OSAll first heard of the contest we tried the usual experiments -- telnet connections, pings, the eEye IIS exploit and the like. None of them worked -- none of the usual services were up, none of the usual suspects returned results. The other problem was obvious too -- as HNN said, "attacking a system blind over the net probably one the hardest things to do."
After trying the usual suspects we tried to contact the guys responsible for the test. Calls to the usual suspects at Microsoft (their PR people, etc) released little information as usual. We then tried moving towards the source -- the Win2k development team. We hit paydirt with one of the chief movers and shakers behind the test (he asked not to be identified because he said some nasty things about Bill Gates).
Apparently this installation of Windows 2000 is anything but standard -- it uses "registry switches" and "hacked DLLs" to be more secure. Engineer Exe, as we like to call him at OSAll, said that most of the things that make this installation of Windows 2000 so secure are things that the average user just can't do.
Modification of the registry is easy enough in Windows 9x -- changing an entry so that Internet Explorer is called OSAll Explorer is pretty easy. But finding registry entries that aren't documented is often impossible. Microsoft has used many of these currently undocumented registry entries to secure this version of Win2k.
When the idea of this beta test was initially floated at Redmond (Microsoft headquarters) it was shot down by some higher-ups, including Bill Gates. Apparently when their PR department heard about it they jumped right on it though (Microsoft actually outsources for their PR -- it's basically a department though). The idea of saying Windows 2000 had "X unsuccessful hack attempts" was just loved by the guys in PR. Hell, it could go right on the shrink-wrapped box!
The odds of this modified version of Windows 2000 being pierced significantly are negligible -- especially considering that there are so few services running.
Good luck if you want to try.