I will not cover the essential of firewalls. These are a must or else anybody can sail through the network. It is like a house with the front door wide open with a sign, rob me !
Assumed Firewall, Anti-Virus installed.....
What about folders and files ? Are you sure those sensitive files are not able to be accessed by all of your office staff but only trusted Sr. Managers or yourself. Say a technical savy personnel happen to have some knowledge of hacking, high possibility that your most valuable data in your server may be compromised.
Further, the vendor that installed the server and application, does he/she has the admin password ? What services are installed in the server ? Intruders may exploit the services vulnerabilities to gain access into the server.
It is difficult to to know where or who is the Intruder. Are they the intruders from the Internet only ? These are attackers that need to break into your firewall and IPS (Intrusion Prevention System) before getting their hands on the servers. There are those that can break into even the most advance security systems. Fortunately, the numbers are not many. However if they are your personnel, temporary staff, vendors, contracts, dispatch personnel. This will be easier as it is an insider job. Someone that have knowledge of your application, server or network. You will never know.
Windows Hacking
Checkout this video on how a basic penetration is done using Windows.
Windows Hacking in YouTube.com
There are many more ways of doing this for those with Linux/Unix machines.
So what to do ? I have observed banks and large companies taking the trouble to view every folders, files in their servers and ensure only authorized IDs are allowed to access these servers.
For example, to check world writable files and directories in Unix servers and output to a file for analysis, use this command:
find / -type f –perm -22 –exec ls –l > /home/Gabriel/worldfiles.csv \;
find / -type d –perm -22 –exec ls –l > /home/Gabriel/worlddirectory.csv \;
I will cover more on Unix security in my next blog.
As for Windows, use DumpSec ACL to retrieve the relevant files for analysis and Nmap, Nessus for services. I did security assessment for a number of companies and they were surprised to find IDs of staff that have resigned still active in their servers. Worst still, most of the files that contained critical data are also read and writable by everybody. If the person with ill intention did what the video above demonstrated, he/she may have access to these files already.
Please refer to this site www.comsectutorial.com for more on basic security and Windows Hardening tips.
2 comments:
Great Article.
Sadly, Ive found alot of online users do not have any idea if their Firewall is configured properly to resist attacks.
Yes, I agree on this too. This one takes the cake....this chap has a wireless network (no encryption) connected in his internal network. The internal network is protected by firewall and IPS.
The big risk is anyone outside the office with a wireless laptop can connect directly into the network. I found a number of IP addresses that were not traceable. Time for user education.
Post a Comment