network security news, articles, tools, links...
Dropped here by your search engine? Use the same keyword in the google box below to search this site.
Let's play pretend.
Pretend you've got a malicious insider on your network with a bone to pick. We'll call him Eddie. Perhaps Eddie is a consultant or even a salesperson. He might even come in during off hours to work his "security" shift. Regardless of what he does, he knows it is pretty simple to connect to someone's network and do just about anything he wants. Why? Default Windows settings, that's why.
Eddie doesn't know about the wonders of Group Policy Object (GPO) in Windows 2000 and later. However, thanks to his malicious mindset and quest for information, he knows that most Windows systems aren't hardened from common threats and realizes there are plenty of goodies in the form of 1s and 0s on your network for the taking.
Now this Eddie doesn't need a wireless LAN connection to get into your network. He can plug right into one of the dozens of live network drops throughout the building -- in empty cubicles and meeting rooms. As a fallback plan, Eddie knows he will likely succeed in attaching to an unsecured Wi-Fi access point just as easily if he needs to. He also knows that having physical access to your systems is invaluable.
Based on my experience, Eddie will do several things on your Windows systems -- most likely on 2000, probably even XP and quite possibly on Server 2003. (The sad thing is that all of these breaches could be prevented by simply tightening your Group Policy settings.) Ten attacks you can easily avoid with Group Policy
| Ten attacks you can easily avoid with Group Policy |
Pretend you've got a malicious insider on your network with a bone to pick. We'll call him Eddie. Perhaps Eddie is a consultant or even a salesperson. He might even come in during off hours to work his "security" shift. Regardless of what he does, he knows it is pretty simple to connect to someone's network and do just about anything he wants. Why? Default Windows settings, that's why.
Eddie doesn't know about the wonders of Group Policy Object (GPO) in Windows 2000 and later. However, thanks to his malicious mindset and quest for information, he knows that most Windows systems aren't hardened from common threats and realizes there are plenty of goodies in the form of 1s and 0s on your network for the taking.
Now this Eddie doesn't need a wireless LAN connection to get into your network. He can plug right into one of the dozens of live network drops throughout the building -- in empty cubicles and meeting rooms. As a fallback plan, Eddie knows he will likely succeed in attaching to an unsecured Wi-Fi access point just as easily if he needs to. He also knows that having physical access to your systems is invaluable.
Based on my experience, Eddie will do several things on your Windows systems -- most likely on 2000, probably even XP and quite possibly on Server 2003. (The sad thing is that all of these breaches could be prevented by simply tightening your Group Policy settings.) Ten attacks you can easily avoid with Group Policy
More News
- HTTPS Cookie-Hijacking Tool CookieMonster Gobbles Personal Data
- Anatomy of a botnet
- Microsoft patches 8 critical bugs in Windows, Office
- Virtualization users should expect more attacks
- Threat From DNS Bug Is not Over, Experts Say
- Website infection rate triples
- How to Use Honeypots to Improve Your Network Security
- Microsoft Patch Tuesday Targets 26 Application Flaws
- SSL VPNs might not be as secure as you think
- 8 tips to filter spam effectively
- Onus on IP address owner to prove innocence
- How to install an SSH Server in Windows Server 2008.
- Several vulnerabilities closed in the Linux kernel
- 8 Best Practices for Encryption Key Management and Data Security
- Free Honeypot Client Could Sting Malware
- What Firewalls Do & Donot Do
- Symantec fingers D Link for bot attacks
- WhiteHat: 90% of Sites Still Vulnerable
- Red Hat releases free security code
- A new type of Bluetooth security
You are browsing the old version of "The Network Security. Org", Please
click here to visit the
new version.
Categories
Web Security
Basic Security
Network Tools
Archived Articles
Wireless Security
Networking Basics
Disaster Recovery
Enterprise Security
Intrusion Detection
More Archived Articles
Exploits & Vulnerabilities
Viruses & other Malware
Basic Security
Network Tools
Archived Articles
Wireless Security
Networking Basics
Disaster Recovery
Enterprise Security
Intrusion Detection
More Archived Articles
Exploits & Vulnerabilities
Viruses & other Malware
Warning: main(ad_network_213.php) [function.main]: failed to open stream: No such file or directory in /home/thenetw/public_html/news/View.php on line 282
Warning: main(ad_network_213.php) [function.main]: failed to open stream: No such file or directory in /home/thenetw/public_html/news/View.php on line 282
Warning: main(ad_network_213.php) [function.main]: failed to open stream: No such file or directory in /home/thenetw/public_html/news/View.php on line 282
Warning: main() [function.include]: Failed opening 'ad_network_213.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php:../:../../:../../../:../../../../') in /home/thenetw/public_html/news/View.php on line 282