Vulnerability : Someone/Attacker reviews your Network, Server and Security Policies and determines your "weak points"
|
|
| Minimum Vulnerability Prevention |
- Don't make the 7 or 10 common mistakes
- ( 80% to 90% ) of your security breaches will be internal
- By accident and oops
- Default installations
- Untested releases of patches, extra binaries
- Employees want to get around established Corp Security Policy
- Watch out for un-happy (fired) ex-employees
- Why do outside hackers/script kiddies hack away ?
- Subscribe to the various Security Mailing Lists
- Subscribe to the various CERT Advisories
|
| Common Vulnerabilities |
|
| Physical Vulnerability |
- Unlocked computer rooms and unlocked spare parts
- Unlocked power panels
- Unlocked doors or locks without entry logs
- Unlocked laptops, PCs and tapes
- What is on the disks ( PCs, Laptops ) and tapes ??
- Unlocked cars
- Pull/trip over the power cord !!
- Pull/trip over the network cable !!
- Passwd on pieces of paper, under the keyboard
|
| Network Vulnerability |
- A construction worker with a backhoe tearing up the road outside your building
- Pull the power cord
- Pull the network uplink cable
- Live network connection but NOT monitored
  ( conference room, wireless, dhcp, etc )
- Install a sniffer and see what is visible to the hacker/attacker
- Park outside the building with a wireless sniffer
|
| Server Vulnerability |
- Pull the network cable
- Pull the power cord
- Default installation ... needs patches and upgrades
- Harden the server
|
| Procedural Vulnerability |
- Convenience vs Security vs Productivity tradeoff
- Easy-to-guess passwds
- Root passwd should be different on each server
- Same userID or same passwd for various "secure/insecure" apps
  ( ssh, email, pop3, vpn, ppp, wireless, ... )
- Employees' home machines are usually beyond the scope of the corp admin ( you can't go to their homes to secure them )
|
| Software Vulnerability |
- Let's look at the exploit code available instead
  Linux-Sec.net/Audit/Tools.sw -- Software Vulnerabilities
- Network Vulnerabilities
  Linux-Sec.net/Exploits/DOS -- DOS Attacks
- DHCP server ( use static ip# instead )
- Wireless network vulnerabilities
- Colo network vulnerabilities
- Cleartext passwd -- just use a passwd sniffer and you're in
- FTP server ( use secure FTP instead )
- POP3/IMAP server ( use secure POP3 instead )
- PPP server ( use secure authentication instead )
- Telnet login server ( use ssh instead )
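Added example (not from Linux-Sec.net): a small audit that reads `ss -ltn` style listener output and flags the cleartext-login services listed above, printing the replacement the list recommends. The sample listener lines are constructed; on a real host pipe `ss -ltn` into audit_listeners.

```shell
#!/bin/sh
# Added example, not part of the Linux-Sec.net page: flag listening cleartext
# login services (FTP, Telnet, POP3, IMAP) and name the secure replacement.
# Assumes `ss -ltn` output: "LISTEN Recv-Q Send-Q Local:Port Peer:Port".

# Map a TCP port to "service|replacement"; non-zero status if not a
# cleartext service from the list above.
cleartext_service() {
    case "$1" in
        21)  echo "FTP|secure FTP (SFTP/FTPS)" ;;
        23)  echo "Telnet|ssh" ;;
        110) echo "POP3|secure POP3 (POP3S)" ;;
        143) echo "IMAP|secure IMAP (IMAPS)" ;;
        *)   return 1 ;;
    esac
}

# Read `ss -ltn` lines on stdin; print one WARN line per cleartext listener.
# Returns 1 if anything was found so the check can gate a cron job or CI step.
audit_listeners() {
    found=0
    while read -r state recvq sendq laddr peer rest; do
        [ "$state" = "LISTEN" ] || continue   # skip the header line
        port=${laddr##*:}                      # strip "0.0.0.0:" or "[::]:"
        svc=$(cleartext_service "$port") || continue
        printf 'WARN: %s listening on %s -> use %s\n' \
            "${svc%%|*}" "$laddr" "${svc#*|}"
        found=1
    done
    return $found
}

# Constructed sample of `ss -ltn` output so the script runs offline.
SAMPLE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
LISTEN 0      128    0.0.0.0:23          0.0.0.0:*
LISTEN 0      5      [::]:110            [::]:*
LISTEN 0      128    127.0.0.1:631       0.0.0.0:*'

# Real use:  ss -ltn | audit_listeners
printf '%s\n' "$SAMPLE" | audit_listeners \
    || echo "Cleartext login services found: a passwd sniffer on this LAN gets in."
```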
- Server Security
  - Kernel vulnerabilities - Hardening
  - DNS vulnerabilities
  - Firewall vulnerabilities
  - FTP server vulnerabilities
  - Mail server vulnerabilities
  - Printer server vulnerabilities
  - POP3/IMAP server vulnerabilities
  - PPP server vulnerabilities
  - SSH/login server vulnerabilities
  - VPN, PPTP server vulnerabilities
  - Web server vulnerabilities
|