>Performing a pen test against a medium sized bank
>find a Windows 2000 server running IIS 5.0
>ask them what it's used for
>"that's our main webserver"
>mfw
>>61321129
we have an ftp which still runs win2000
>>61321139
Is there any reason why? When I asked them they had no reason why other than they didn't want to go through the hassle of upgrading
>>61321129
well, did you get root mr hackerman?
>>61321194
I mean, why else would ome use an old OS thats been cracked and exploited numerous times by many different individuals. Besides, Its probably there own custom house blend of Win2000, so theres little danger in keeping it around if only bank employees know how to operate it properly.
>>61322154
>custom house blend of Win2000, so theres little danger
Gotta love that security through obscurity
>>61322969
Except this shit does not apply in the world of cybersecurity, because when something breaks its going to ruin your fucking day.
You have to take very proactive measures to keep shit from breaking.