Re: statistics on hacking
From: Roland Hall (nobody_at_nowhere)
Date: 05/18/04
- Next message: Sérgio Pinheiro: "Can't Start Server (URGENT)"
- Previous message: Christoph Saam: "Windows Server 2003 Backup erzeugt leere Berichte"
- In reply to: chris: "statistics on hacking"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 18 May 2004 04:48:27 -0500
"chris" wrote in message news:e49701c43c52$e23622c0$a501280a@phx.gbl...
: Im trying to get lots of ammo for some security changes I
: want to make @ my job. Does anyone know of a site or URL
: to documentation talking about the amount hacking that
: comes from the inside? (company employees)
Chris...
There are a lot of security sites out there but what you're looking for
sounds more like an article, like one that would come out on Security
Magazine. One thing you should understand is that employees will ALWAYS be
the greatest risk to any network because they're behind the perimeter and
that have some access already, not to mention usually you're not looking for
anything from behind the firewall(s), although you should.
Other relevant information:
Why is the LAN user so dangerous? The #1 reason is because social
engineering is the easiest hack to perform with the greatest results of any
hack every derived. It probably always will be. The bigger the company,
the easier it is to get information.
Ex. Ring, ring. Hi, thank you for calling [company name], how may I direct
your call. Hi. I'm having trouble with my computer will you please connect
me to support? Sure, please hold. [lousy hold music]. Hi, this is Tim Vic
[snicker] how can I help you? Hi Tim. This is John S. Evil, I'm calling
from HackFree Software Co. As an industry consultant you qualify for our
software free of charge. This is a full version of our latest product that
helps you visually see attacks being targeted against your network. I just
need your address and I'll ship it today. It is a NFR [not for resale]
version so please do not share it with anyone and it cannot be sold. I'm
going to throw in some t-shirts with our slogan, Hack Free! Is XL ok?
Great! Is it ok to address this to you? Terrific! Thanks Tim, I'll let
you get back to work. Oh, BTW, since our software looks for worms, network
attacks, etc., some antivirus software applications misinterpret our
software so if you have trouble installing it, you might have to temporarily
disable your RTAV during the install. You can re-enable it after the
installation. Be sure that you do because you don't want to be unprotected.
Ok, thanks again Tim. Bye now.
John sends Tim the software, but forgets the t-shirts [obviously] and Tim
tries to install and willingly disables his antivirus while running the
install. Tim also had administrative access and connections to every server
on the network, not to mention rights to every system. YeeHa! The network
is busy today!
Sound far fetched? This particular scenario works more than you know and
now consider sending something free to one of your users who has full access
to their system and the firewall doesn't block outgoing services, just
incoming. Test it out yourself. Plan it with your IT department and just
have someone start calling for people and see how many accept the free
software.
Want to make it simpler? Since nobody is supposed to share their passwords,
send out an email asking for everyone to verify their current password by
sending it to the helpdesk so it can be tested with some new software you're
getting ready to install. All of your faithful little employees will
blindly comply. Passwords were now just sent in plain text across the wire.
The bottom line is, attackers only need to get past your defenses once.
Everyone on the planet is a potential attacker and every user in your
network is a potential victim. That's a given. Now, everyone on your
network is ALSO a potential attacker, willingly and unwillingly.
I am primarily a network security professional and I can give you a response
to any argument they [the clueless] can make against spending $$ towards
network security. Here are some articles that can help:
http://techrepublic.com.com/5100-6264-5179291.html
http://techrepublic.com.com/5100-6264-5171849.html?tag=series
http://techrepublic.com.com/5100-6264-5171470.html?tag=series
http://articles.findarticles.com/p/articles/mi_m0BJK/is_9_12/ai_78355284
http://articles.findarticles.com/p/articles/mi_m0COW/is_2001_Nov_1/ai_80319480
You gotta' love this next one!
http://www.securitypipeline.com/news/18902074
http://www.securitypipeline.com/news/20301083
http://whitepapers.zdnet.co.uk/0,39025945,60069468p-39000388q,00.htm
http://whitepapers.zdnet.co.uk/0,39025945,60086091p,00.htm
http://whitepapers.zdnet.co.uk/0,39025945,60082151p,00.htm
I wonder if Bill will send Intel a xmas card for this one?
http://www.securitypipeline.com/news/20301079
What most people don't understand and usually end up screwing up after an
attack or compromise:
http://techrepublic.com.com/5100-6264-5168319.html?tag=series
Good luck!
-- Roland Hall /* This information is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. */ Online Support for IT Professionals - http://support.microsoft.com/servicedesks/technet/default.asp?fr=0&sd=tech How-to: Windows 2000 DNS: http://support.microsoft.com/default.aspx?scid=kb;EN-US;308201
- Next message: Sérgio Pinheiro: "Can't Start Server (URGENT)"
- Previous message: Christoph Saam: "Windows Server 2003 Backup erzeugt leere Berichte"
- In reply to: chris: "statistics on hacking"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
