How
was Microsoft Network Operation Center Hacked? Why?
Well, I think its all about my fanaticism to unix, its flexibility and the security it offers to the users. I was always attracted by Unix performance and that I always chosed the unix based works. Against this sense Microsofts monopolist thoughts and awful coded for just easy use and low performance were on the other hand. This caused me to think although its not personal (Bill Gates and MS workers), the immoral rivalry that Microsoft does in institutional meaning, I have a certain anger and The rules of the game must not be the way it is now! feeling. The Games are Beginning: All started when I found a security vulnerability in Microsoft ISA Server which is a Microsoft security software. I emailed this security vulnerability to Microsoft Security Response Team which caused a twenty email traffic. The person who replied to the emails was working in a manager statute in Microsoft Security Team. I always wondered what type of a network do these people use? Do they have their own real ips? Or do they work in a subnet that noone can think easily. I started with the ip of the person who mailed me. And I was in a feverish search about "Network Operation Center (NOC)" which can be called main bone. At NOC a very crowded staff works on all kind of network activities of Microsoft. Of course a huge network like Microsofts control must be a really hard work to do and getting harder. Ive gone through a strict pursuit at NOC and first of all I detected the ip blocks which NOC uses. As I determined NOC uses a total of 120 ip blocks. And if we divide it into ips singularly, I reach to 30600 ip adresses. At the end of my research I saw that some of the subnets and ips are used for different aims. They are listed below; - Microsoft NT, Game, Office development teams. - Microsoft .Net test servers. - MSN Passport management servers. - Hostings of the Microsoft based companies. - The sniffers that works on locally servers. - Switches, routers.
However Microsoft devoloper staff work in their offices they also work elsewheres like their home or wherever they are. The servers for development have an open port which is used as port for dialin and it can be reached by any pc by using ordinary traditional Microsoft security vulnerabilities and there you can login and copy any work done by the development team and paste them to your own server. Microsoft .Net Test Servers: The tests for .Net platform which microsoft has reliance on still goes on. These tests goes on in NOCs subnets in multi-aim. For example at NOC, you can find shopping sites which works compatible with Microsofts .Net platform. These sites are designed in its needs and on every pages there is a little button named View Source which is used by the staff of the pages developers easily that they can see the codes used there.
Some of the known services by Microsoft like Hotmail, MSN Messenger servers and others like partnership, beta download use passport system and it is controlled by servers on NOC. These servers allow a user who has a passport to change the user status with its XML technology based sites. So what are the rights it gives to an ordinary passport owner, and its advantages? With these rights you can login to the sites of the microsoft developers (NOC staff) use to reach the news servers, beta download sites, gold, premium partnership sites. If you try to login to a site with a normal passport the server asks you to contact with your company or to the related Microsoft unit. But with XML control panel allows you to arrange the normal passport to an advanced rights, and witt this way you can have the right to login to any site. Hostings of the Microsoft Based Companies: Some servers that is hosted on NOC have no relationships with Microsoft on content side. These servers are usually Microsofts advanced business partners or the ones that Microsoft bought. Even usually the netbios ports are open on these servers and this makes us think they dont attach importance to these servers much. The Sniffers That Works on Locally Servers: The rigid, monopollist, controller behaviours that Microsoft shows on IT sector goes on in their servers too. The email, web, ftp, nntp connections done by Microsoft staff is logged real time by servers on NOC on some circumstances. In my opinion these logs are reported periodically to related departments. Also this gives us that the bandwith usage are logged constantly which we can reach at Bandwith Statistics reports other than content pursuit of NOC. Switches, Routers: Here it is the existence of the main keys of Microsoft NOC. They didnt use one brand switch and a router at Microsoft. They used several brands and models products. On most of the switches, routers and some critical servers you can see the below text as a caution; NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE
NOTICE NOTICE NOTICE NOTICE Last Words: What can be understood is that, Microsoft has a very long way to complete both on its products and its structure. |
securityoffice.net
is not responsible for the misuse or illegal use of any of the information
and/or the file listed on this site.
Any question please contact: ts@securityoffice.net |