NT 4.0 Network Managers: Watch Out For This Security Flaw
Microsoft NT users beware. When NT is used with its Service Pack 4 (SP4), a serious security flaw allows hackers to act as hosts to grab your valuable information.
Hackers use Predictable IP Sequence Numbering to gain access to your data. Supposedly, the SP4 was developed by Microsoft to attack this problem in earlier versions of NT. Unfortunately, it didn't work.
NT SP4 users need to take a look at the potential security problems associated with using the package as an email host and Web server. Possible solutions include disabling Internet access or moving to non NT platforms until the security hole is fixed.
The fault has been eliminated in Windows 2000 and "will be back-ported to NT 4.0 in a future SP release," says Sunil Gopal, a technical specialist at Microsoft. This means that the recently released SP5 still fails to fix the security flaw.
Articles relating to this flaw, and links to other sites addressing the issue, can be found on the NTA Monitor site which discovered the flaw in an engagement for a client.