Appendix A.


Common Exploits and Attacks


Table A 1 details some of the most common exploits and entry points used by intruders to access


organizational network resources. Key to these common exploits are the explanations of how they are


performed and how administrators can properly safeguard their network against such attacks.


Exploit


Description


Notes


Null or Default


Leaving administrative passwords


Commonly associated with


Passwords


blank or using a default password


networking hardware such as routers,


provided by the application package.


firewalls, VPNs and network


This is most common in hardware


attached storage (NAS) appliances;


such as routers and BIOSes, though


Common in many legacy operating


some services that run on Linux can


systems, especially OSes that bundle


contain default administrator


services such as UNIX and


passwords (though Red Hat Linux


Windows;


does not ship with them)


Administrators sometimes create


privileged users in a rush and leave


the password null, a perfect entrypoint


for malicious users who discover the


user


Default Shared


Secure services sometimes package


Most common in wireless APs and


Keys


default security keys for development


preconfigured secure server


or evaluation testing purposes. If these


appliances


keys are left unchanged and placed in


CIPE (refer to Chapter 6) contains an


a production environment on the


sample static key that must be


Internet, any user with the same


changed before moving to a


default keys have access to that


production environment


shared key resource, and any sensitive


information contained in it


IP Spoofing


A remote machine acts as a node on


Spoofing is quite difficult as it


your local network, finds


involves the attacker predicting


vulnerabilities with your servers, and


TCP/IP SYN ACK numbers to


installs a backdoor program or trojan


coordinate a connection to target


to gain control over your network


systems, but several tools are


resources.


available to assist crackers in


performing such a vulnerability


Depends on target system running


services (such as


rsh


,


telnet


, FTP


and others) that use source based


authentication techniques, which are


not usually recommended compared


to PKI or other forms of encryption


authentication as used in


ssh


or


SSL/TLS.








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      

      web hosting comparison

      
 

    

  

  




Our partners: 
PHP: Hypertext Preprocessor Best Web Hosting
Java Web Hosting
Inexpensive Web Hosting 
Jsp Web Hosting 




Cheapest Web Hosting
Jsp Hosting
Cheap Hosting



Visionwebhosting.net Business web hosting division of Web 
Design Plus. All rights reserved