New Mobile Router from Vodafone, Linksys and Cisco
Vodafone, Linksys and Cisco Systems have launched the new 3G/UMTS Router tuesday, which provides mobile data connectivity at high speeds.
Sun To Introduce Galaxy Servers
Today, Sun Microsystems is expected to introduce its new line of 64-bit network servers, which are code-named Galaxy, and use dual-core Opteron processors from AMD.
Cisco CCNA FAQ
When you start your CCNA studies, a lot of questions come to mind! Here are the
five most common questions CCNA candidates have, answered by Chris Bryant, CCIE
#12933. Q. What exams do I have to take to get my CCNA?
IOS Software Modularity to Increase Network Availability
In an effort to help IT Managers boost network uptime and efficiency, Cisco has
announced that it has made some Internetwork Operating System (IOS)- based software
advances for its Catalyst 6500 switches.
Sales Shooting Through the Roof
The router market is growing and growing. According to a report published by Dell'Oro
Group, the router market recorded the highest quarter-over-quarter growth rate
it has experienced in over 4 years.
I tend to use "dig" for DNS lookups, but it's more habit than anything else. The
main page for host says "host is a simple utility for performing DNS lookup"...
Uploads Motivation 1.0 To Black Hat Community
Incensed by the networking company's hostile treatment of former ISS researcher
Michael Lynn, several hackers now seek to find new flaws in Cisco's software.
Tries To End Spreading of Vulnerability Info
Michael Lynn, a former employee of Internet Security Systems (ISS) quit his job
and exposed a vulnerability on Cisco's router operating system.
How Will Your Network Be Compromised?
Every time I attend a "Security Guru's" meeting, I'm amazed by how much time and effort is spent on discussing the complex hacking and computer compromise of computer networks and systems.
One person is going on about the latest "heap corruption" vulnerability and another is discussing man-in-the-middle techniques for compromising remote access systems. Most of these vulnerabilities are very difficult to successfully exploit. Some of them require specific host platforms, special tools, in-depth knowledge of many programming languages, and a lot of luck.
I'm not saying there are not tons of vulnerabilities and exploits like these, it's just that they are not always easy to take advantage of, and therefore, may not present themselves as high risk events for most organizations.
It's The Little Things That Will Get You Every Time
During security assessments, there are times when I am able to successfully exploit a "technical" vulnerability to gain system or internal network access. For instance; during a recent assessment, I identified a web application server that appeared to be vulnerable to an IIS / ASP vulnerability that would allow an attacker to dump all .ASP code on the server. After some effort and a little C/C++ code, I was able to take advantage of this exploit. After perusing through the .ASP code on the server, I was able to gain important information that resulted in the comprise of an internal system.
However, the reality is that it is the simple things that are the biggest problem. Most times, internal network compromise is the result of one or more of the following:
The installation of a web support application that has little to no security features to begin with;
The installation of support software that has a well-known default password for the admin account. And, the person installing the software never bothers to change the password;
Improperly configured communications devices such as routers and switches;
Important, and sometimes critical documents left on web servers. Information that only internal or technical people should have access to;
Poor password and authentication policy. Users using weak passwords to access accounts, especially remote access devices that are present on the Internet;
Test servers that the have been forgotten about and are still present on the Internet;
Poor network border architecture For instance; installing a firewall and forgetting that there are other network that need to be protected or should be placed behind the firewall.
The above is just a handful of "Little Things" that get overlooked and can result in the undoing of your networks security measures.
As an example; Many organizations provide their internal and external customers with a public FTP service. Most times, this is done to allow people to easily post "non-critical" or public information and share it with other associates.
Recently, I identified just such an FTP server. The server allowed anonymous logons, however it contained sub-directories that were secured. These secure directories were only accessible by the people who owned the account. It was obvious to me that I was not going to easily compromise these accounts. On the other hand, sitting right in the anonymous "root" directory was a .zip file that was rather large. I downloaded the file, which took quite a while, unzipped it on my desktop, and guess what it contained? It was a compressed file of the entire FTP server, including the secure directories.
I would bore you with what I found within these directories. The bottom line is, I should have never had access to the information they contained.
The bottom line is this; it really is the little things that will come back to haunt you when it comes to computer security. No system should ever be rushed into production. This is one of the most common causes for poorly secured systems. The team in charge of implementing new technology needs to be educated on how to securely deploy new systems. And if you are installing support software from outside vendors, make sure you thoroughly review their products security features. Also, make sure they fully disclose any known bugs or improperly functioning features.
About the Author:
Darren Miller is an Information Security Consultant with over sixteen years experience. He has written many technology & security articles, some of which have been published in nationally circulated magazines & periodicals.