Santronics got hacked!

Basically the hacker didn't come through WINS at all, but through Windows
calls -- in other words, they didn't hack WINS, but they hacked the NT
Server it was running on. WINS, of course, can only be as secure as the OS
it's running on (to an extent...since it doesn't use NT user security, you
could hack the NT user security and still not hack into WINS itself).

It sounds like the biggest part of the problem was that Santronics wasn't
blocking ports that they thought they were blocking at the router, which
allowed the initial hack.

Not in this case.  Winserver wasn't the open door, an open port on
the Router was.

Once that is open, you can do all kinds of NETBIOS functions.  A
MAINTENANCE / HACK utility called NETBUS was installed which left
open a hole into their network. Once that was done,  There is
nothing to prevent someone from deleating files or changing 
anything.  Up to and including mods to Winserver which  by itself
would be otherwise secure.
