 |
Further
Reading ...
|
|
Computer Maintenance and Improving PC Performance
Once you bring your personal computer home from the store or receive it in the mail there is no one around to offer basic personal computer maintenance tips for cleaning up and improving performance of your computer. Maintenance and cleaning up of...
Web Development Processes and Technical Environments
The process of Web application development is critical to the success of web-based projects. The proper processes can not be enforced unless technical environments are properly setup. Technical environments are required for development, test and...
Refurbished Digital Cameras- Where And How?
Digital cameras are available everywhere today. Whether your budget is limited to $30 or it is as high as $300, the choice is large and varied. But if you are looking for a camera with good features at a cheap price, then the best choice for you...
Microsoft CRM Programming Secrets – tips for developer
This article is for advanced Microsoft CRM SDK C# developers. It describes the technique of direct SQL programming, when SDK doesn't have the functionality to do the job. Introduction. Looks like Microsoft CRM becomes more and more popular,...
|
|
|
How Will Your Network Be Compromised?
|
 |
Written By:
Darren Miller
|
|
|
You may reprint or publish this article free of charge as
long as the bylines are included.
Original URL (The Web version of the article)
---------------------------------------------
http://www.defendingthenet.com/NewsLetters/HowWillYourNetworkBeCompromised.ht
m
Title
-----
How Will Your Network Be Compromised?
Complex Hacking - Computer Compromise
------------------------------------------------------
Every time I attend a "Security Guru's" meeting, I'm amazed
by how much time and effort is spent on discussing complex
hacking and computer compromise of computer networks and
systems.
One person is going on about the latest "heap corruption"
vulnerability and another is discussing man-in-the-middle
techniques for compromising remote access systems.
Most of these vulnerabilities are very difficult to
successfully exploit. Some of them require specific host
platforms, special tools, in-depth knowledge of many
programming languages, and a lot of luck.
I'm not saying there are not tons of vulnerabilities and
exploits like these, it's just that they are not always easy
to take advantage of, and therefore, may not present
themselves as high risk events for most organizations.
It's The Little Things The Will Get You Every Time
--------------------------
During security assessments, there are times when I am able
to successfully exploit a "technical" vulnerability to gain
system or internal network access. For instance; during a
recent assessment, I identified a web application server
that appeared to be vulnerable to an IIS / ASP vulnerability
that would allow an attacker to dump all .ASP code on the
server. After some effort and a little C/C++ code, I was
able to take advantage of this exploit. After perusing
through the .ASP code on the server, I was able to gain
important information that resulted in the comprise of an
internal system.
However, the reality is it is the simple things that are the
biggest problem. Most times, internal network compromise is
the result of one or more of the following:
The installation of a web support application that has
little to no security features to begin with;
The installation of support software that has a well-known
default password for the admin account. And, the person
installing the software never bothers to change the
password;
Improperly configured communications devices such as routers
and switches;
Important, and sometimes critical documents left on web - continued below ...
|
|
|
continued ...
servers. Information that only internal or technical people
should have access to;
Poor password and authentication policy. Users using weak
passwords to access accounts, especially remote access
devices that are present on the Internet;
Test servers that the have been forgotten about and are
still present on the Internet;
Poor network border architecture For instance; installing a
firewall and forgetting that there are other network that
need to be protected or should be placed behind the
firewall.
The above is just a handful of "Little Things" that get
overlooked and can result in the undoing of your networks
security measures.
As an example; Many organizations provide their internal and
external customers with a public FTP service. Most times,
this is done to allow people to easily post "non-critical"
or public information and share it with other associates.
Recently, I identified just such an FTP server. The server
allowed anonymous logons, however it contained
sub-directories that were secured. These secure directories
were only accessible by the people who owned the account. It
was obvious to me that I was not going to easily compromise
these accounts. On the other hand, sitting right in the
anonymous "root" directory was a .zip file that was rather
large. I downloaded the file, which took quite a while,
unzipped it on my desktop, and guess what it contained? It
was a compressed file of the entire FTP server, including
the secure directories.
I would bore you with what I found within these directories.
The bottom line is, I should have never had access to the
information they contained.
Conclusion
----------
The bottom line is this; it really is the little things that
will come back to haunt you when it comes to computer
security. No system should ever be rushed into production.
This is one of the most common causes for poorly secured
systems. The team in charge of implementing new technology
needs to be educated on how to securely deploy new systems.
And if you are installing support software from outside
vendors, make sure you thoroughly review their products
security features. Also, make sure they fully disclose any
known bugs or improperly functioning features.
About the Author
Darren Miller is an Information Security Consultant with
over sixteen years experience. He has written many
technology & security articles, some of which have been
published in nationally circulated magazines & periodicals.
|
|
|
|
 |
|
|
| _Additional Resources ... |
|
|
|
|
|
|
|
|
