HACKERS

Open Source software: Free, but not cheap

by

Open Source software is usually developed in an open, collaborative manner. The software is typically free, and users are able to use, change, improve, or share it. However, three considerations about Open Source software don’t bode well for use with VM: Questionable code. Open Source code is developed by the public, and you can’t be … Read more

Run Software Yourself

by

Software-based solutions enable you to install software for vulnerability management on your internal network and run them yourself. Software can automate many processes for VM. However, having the control over VM software carries the usual price tag of having to manage it (and secure it). You have to successfully operate and maintain everything – in … Read more

Identifying the vulnerability shortlist

by

The VM solution you select needs to provide the capability to scan for and fix vulnerabilities in a broad range of categories, including: Back Doors and Trojan Horses (bypass authentication systems).  Brute force attacks (defies cryptography by systematically trying different keys). CGI (exploits the Common Gateway Interface). Databases. DNS and Bind (exploits Domain Name … Read more

Detecting and Removing Vulnerabilities

by

Vulnerability management has evolved from simply running a scanner on an application, computer, or network to detect common weaknesses. Scanning is an essential element of vulnerability management, but VM includes other technologies and workflow that contribute to a bigger picture required for controlling and removing vulnerabilities. The primary objectives of VM are to:  Identify … Read more

Understanding Linux Vulnerabilities

by

Vulnerabilities    and    attacks    against    Linux    are    creating    business    risks    in    a    growing number    of    organizations    —    especially    e-commerce    companies,    network    and    IT/security vendors,    and    cloud    service    providers    that    rely    on    Linux    for    many    of    their    systems, including    their    own    products.    When    Linux    systems    are    hacked,    the    victim organizations    can    experience    the    same    side    effects    as   … Read more

Sizing Up Mobile Vulnerabilities

by

It    pays    to    find    and    fix    the    low-hanging    fruit    on    your    network.    That’s    where    you    get    the most    bang    for    your    buck.    The    following    mobile    laptop,    phone,    and    tablet    weaknesses should    be    front    and    center    on    your    priority    list: No    encryption Poorly    implemented    encryption No    power-on    passwords Easily    guessed    (or    cracked)    power-on    passwords For    other   … Read more

Understanding the Implications of Wireless Network Vulnerabilities

by

Wi-Fi    is    very    susceptible    to    attack    —    even    more    so    than    wired    networks    if    it’s    not    configured    or    deployed    properly.    Wireless    networks    have    long- standing    vulnerabilities    that    can    enable    an    attacker    to    bring    your    network    to    its    knees    or allow    your    sensitive    information    to    be    extracted    right    out    of    thin    air.    If    your    wireless network   … Read more

Putting Up General Network Defenses

by

Use    stateful    inspection    rules    that    monitor    traffic    sessions    for    firewalls.    This    can help    ensure    that    all    traffic    traversing    the    firewall    is    legitimate    and    can    prevent    DoS attacks    and    other    spoofing    attacks. Implement    rules    to    perform    packet    filtering    based    on    traffic    type,    TCP/UDP ports,    IP    addresses,    and    even    specific    interfaces    on    your    routers    before    the    traffic   … Read more

Scanning SNMP

by

Simple    Network    Management    Protocol    (SNMP)    is    built    in    to    virtually    every    network device.    Network    management    programs    (such    as    HP    OpenView    and    LANDesk)    use SNMP    for    remote    network    host    management.    Unfortunately,    SNMP    also    presents security    vulnerabilities. Vulnerabilities The    problem    is    that    most    network    hosts    run    SNMP    enabled    with    the    default    read/write community    strings    of    public/private.    The   … Read more

by

You    can    implement    various    operating    system    security    measures    to    ensure    that  passwords    are    protected. Windows The    following    countermeasures    can    help    prevent    password    hacks    on    Windows    systems: Some    Windows    passwords    can    be    gleaned    by    simply    reading    the    cleartext    or crackable    ciphertext    from    the    Windows    Registry.    Secure    your    registries    by    doing the    following: Allow    only    administrator    access. … Read more