
Recent Articles

New Mobile Router from Vodafone, Linksys and Cisco

Vodafone, Linksys and Cisco Systems launched the new 3G/UMTS Router on Tuesday; it provides mobile data connectivity at high speeds.

Sun To Introduce Galaxy Servers
Today, Sun Microsystems is expected to introduce its new line of 64-bit network servers, which are code-named Galaxy, and use dual-core Opteron processors from AMD.

When you start your CCNA studies, a lot of questions come to mind! Here are the five most common questions CCNA candidates have, answered by Chris Bryant, CCIE #12933. Q. What exams do I have to take to get my CCNA?

Cisco IOS Software Modularity to Increase Network Availability

In an effort to help IT Managers boost network uptime and efficiency, Cisco has announced that it has made some Internetwork Operating System (IOS)- based software advances for its Catalyst 6500 switches.

Router Sales Shooting Through the Roof
The router market is growing and growing. According to a report published by Dell'Oro Group, the router market recorded the highest quarter-over-quarter growth rate it has experienced in over 4 years.

Host, Dig
I tend to use "dig" for DNS lookups, but it's more habit than anything else. The man page for host says "host is a simple utility for performing DNS lookup"...

Cisco Uploads Motivation 1.0 To Black Hat Community
Incensed by the networking company's hostile treatment of former ISS researcher Michael Lynn, several hackers now seek to find new flaws in Cisco's software.

Cisco Tries To End Spreading of Vulnerability Info
Michael Lynn, a former employee of Internet Security Systems (ISS) quit his job and exposed a vulnerability on Cisco's router operating system.


How Will Your Network Be Compromised?

By Darren Miller

Every time I attend a "Security Guru's" meeting, I'm amazed by how much time and effort is spent on discussing the complex hacking and computer compromise of computer networks and systems.

One person is going on about the latest "heap corruption" vulnerability and another is discussing man-in-the-middle techniques for compromising remote access systems. Most of these vulnerabilities are very difficult to successfully exploit. Some of them require specific host platforms, special tools, in-depth knowledge of many programming languages, and a lot of luck.

I'm not saying there are not tons of vulnerabilities and exploits like these; it's just that they are not always easy to take advantage of and, therefore, may not present themselves as high-risk events for most organizations.

It's The Little Things That Will Get You Every Time

During security assessments, there are times when I am able to successfully exploit a "technical" vulnerability to gain system or internal network access. For instance, during a recent assessment, I identified a web application server that appeared to be vulnerable to an IIS / ASP vulnerability that would allow an attacker to dump all .ASP code on the server. After some effort and a little C/C++ code, I was able to take advantage of this exploit. After perusing the .ASP code on the server, I was able to gain important information that resulted in the compromise of an internal system.


However, the reality is that it is the simple things that are the biggest problem. Most times, internal network compromise is the result of one or more of the following:

The installation of a web support application that has little to no security features to begin with;

The installation of support software that has a well-known default password for the admin account, where the person installing the software never bothers to change the password;

Improperly configured communications devices such as routers and switches;

Important, and sometimes critical, documents left on web servers: information that only internal or technical people should have access to;

Poor password and authentication policy. Users using weak passwords to access accounts, especially remote access devices that are present on the Internet;

Test servers that have been forgotten about and are still present on the Internet;

Poor network border architecture. For instance, installing a firewall and forgetting that there are other networks that need to be protected or should be placed behind the firewall.

The above is just a handful of "Little Things" that get overlooked and can result in the undoing of your network's security measures.

As an example, many organizations provide their internal and external customers with a public FTP service. Most times, this is done to allow people to easily post "non-critical" or public information and share it with other associates.

Recently, I identified just such an FTP server. The server allowed anonymous logons; however, it contained sub-directories that were secured. These secure directories were only accessible by the people who owned the account. It was obvious to me that I was not going to easily compromise these accounts. On the other hand, sitting right in the anonymous "root" directory was a .zip file that was rather large. I downloaded the file, which took quite a while, unzipped it on my desktop, and guess what it contained? It was a compressed file of the entire FTP server, including the secure directories.

I would bore you with what I found within these directories. The bottom line is, I should have never had access to the information they contained.
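
An audit for the failure described above (an archive in the anonymous root that contains the secured directories), added here as an example and not part of the original article. The helper names, directory names and files are constructed for illustration; it assumes the check runs on the server against the FTP root, with the protected directory names supplied by the operator.

```python
import os
import tempfile
import zipfile


def audit_anonymous_root(anon_root, protected):
    """Return {anonymously reachable archive: [members stored under a protected dir]}."""
    findings = {}
    for dirpath, dirnames, filenames in os.walk(anon_root):
        if dirpath == anon_root:
            dirnames[:] = [d for d in dirnames if d not in protected]
        for name in filenames:
            path = os.path.join(dirpath, name)
            if not zipfile.is_zipfile(path):
                continue
            try:
                with zipfile.ZipFile(path) as zf:
                    members = zf.namelist()
            except zipfile.BadZipFile:
                continue  # truncated or corrupt archive: nothing to list
            # Archives often add a prefix ("ftp/alice/..."), so match any directory component.
            leaked = sorted(m for m in members if not m.endswith("/")
                            and protected & set(m.split("/")[:-1]))
            if leaked:
                findings[os.path.relpath(path, anon_root)] = leaked
    return findings


def build_demo_tree(base):
    """Constructed sample: two account dirs, a public dir, two archives."""
    root = os.path.join(base, "ftproot")
    files = ("pub/readme.txt", "alice/payroll.xls", "bob/contracts.doc")
    for rel in files:
        full = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w") as fh:
            fh.write("constructed sample\n")
    # Whole-server backup left in the anonymous root.
    with zipfile.ZipFile(os.path.join(root, "site-backup.zip"), "w") as zf:
        for rel in files:
            zf.write(os.path.join(root, *rel.split("/")), "ftp/" + rel)
    with zipfile.ZipFile(os.path.join(root, "pub", "docs.zip"), "w") as zf:
        zf.writestr("docs/manual.txt", "constructed sample\n")
    return root


def run_demo():
    with tempfile.TemporaryDirectory() as base:
        return audit_anonymous_root(build_demo_tree(base), {"alice", "bob"})
```

Calling `run_demo()` flags only `site-backup.zip`; the archive of public material under `pub/` is not reported.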


The bottom line is this: it really is the little things that will come back to haunt you when it comes to computer security. No system should ever be rushed into production; this is one of the most common causes of poorly secured systems. The team in charge of implementing new technology needs to be educated on how to securely deploy new systems. And if you are installing support software from outside vendors, make sure you thoroughly review their product's security features. Also, make sure they fully disclose any known bugs or improperly functioning features.

About the Author:
Darren Miller is an Information Security Consultant with over sixteen years' experience. He has written many technology & security articles, some of which have been published in nationally circulated magazines & periodicals.

About NetworkNewz
NetworkNewz editors, writers and contributors focus on both the big picture and the details of networking. At NetworkNewz our goal is to deliver to you The Key To Network Management.


-- NetworkNewz is an iEntry, Inc. publication --
iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509
2005 iEntry, Inc. All Rights Reserved
