Parliament IT bods' fail sees server's naked OS exposed to world+dog Someone in the Parliamentary Digital Service managed to leave a server so completely exposed to the internet that Google indexed the Windows machine’s operating system. Register reader Chris, who stumbled across this while searching for something related to a Google update, discovered that sizeable chunks of bills.parliament. …
I can't remember why I shared / over samba 16 years ago, but I did.
I can't remember why I made it guest writeable, but I did.
I can't remember why I made that machine's IP also the DMZ, but I did. (probably for telnet and I didn't yet bother with port-fw in the router)
I think I remember that there was nothing important on it and it was just a nearly-useless P-166 or 200 with maybe 32MB and maybe a 1- or 2GB disk.
When I came in a day or two later, it didn't answer. / was empty and I instantly knew why.
"At least" I got that out of the way, back before anything was riding on it.
@Alister: re: QDOS
A few years ago, I signed on after taking voluntary redundancy, and because I worked in IT, I got referred to a training outfit and they called themselves QDOS. I mentioned when I saw them, that QDOS used to stand for 'Quick and Dirt Operating System', so older IT veterans like myself would associate 'Quick and Dirty'with their business, not 'kudos'. I asked them why they hadn't Googled and checked the history. They seemed a little embarrassed.
If that allowed read-only access to, for instance, the NTDS or other password files.... then ouch.
John The Ripper can take those and crack the passwords offline, and then use them to login elsewhere, most likely.
And I'd guess that any web server is probably holding at least SSL private keys... again... ouch.
Nope, that's not what they've done.
They've set the default IIS site to point at the root of C:\ and then turned on file and folder browsing. So the whole drive is available over port 80 from the web server - which is how Google have managed to index it.
Which actually takes more concerted fail than your way...
Its actually quite easy to do.... no need to activly change file permissions, the fat finger path with a space plus using an account to run the IIS application/site that is a member of the default Users group would have the seen results. Easy mistake to make but still not forgivable...
Been a good few years since I touched IIS but isn't it actually quite fiddly to configure it that poorly? By default it's way more secure?
these days, maybe but back in yesteryear, it was not so stable or secure... it is still as fiddly as hell, though...
It's also obviously stuff that they can use in any future criminal case against you: hacking government servers.
I'm not really sure looking at Google's cache is tantamount to hacking a government server. I'll add more once I've dealt with that persistent knocking on my front door. Sounds like some ejit is trying to kick the whole bloody door down!
This post has been deleted by its author
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
