How Will Your Network Be Compromised?

Written by Darren Miller

Continued from page 1

Important, and sometimes critical documents left on web servers. Information that only internal or technical people should have access to;

Poor password and authentication policy. Users using weak passwords to access accounts, especially remote access devices that are present onrepparttar Internet;

Test servers thatrepparttar 143157 have been forgotten about and are still present onrepparttar 143158 Internet;

Poor network border architecture For instance; installing a firewall and forgetting that there are other network that need to be protected or should be placed behindrepparttar 143159 firewall.

The above is just a handful of "Little Things" that get overlooked and can result inrepparttar 143160 undoing of your networks security measures.

As an example; Many organizations provide their internal and external customers with a public FTP service. Most times, this is done to allow people to easily post "non-critical" or public information and share it with other associates.

Recently, I identified just such an FTP server. The server allowed anonymous logons, however it contained sub-directories that were secured. These secure directories were only accessible byrepparttar 143161 people who ownedrepparttar 143162 account. It was obvious to me that I was not going to easily compromise these accounts. Onrepparttar 143163 other hand, sitting right inrepparttar 143164 anonymous "root" directory was a .zip file that was rather large. I downloadedrepparttar 143165 file, which took quite a while, unzipped it on my desktop, and guess what it contained? It was a compressed file ofrepparttar 143166 entire FTP server, including repparttar 143167 secure directories.

I would bore you with what I found within these directories. The bottom line is, I should have never had access torepparttar 143168 information they contained.

Conclusion ---------- The bottom line is this; it really isrepparttar 143169 little things that will come back to haunt you when it comes to computer security. No system should ever be rushed into production. This is one ofrepparttar 143170 most common causes for poorly secured systems. The team in charge of implementing new technology needs to be educated on how to securely deploy new systems. And if you are installing support software from outside vendors, make sure you thoroughly review their products security features. Also, make sure they fully disclose any known bugs or improperly functioning features.

Darren Miller is an Information Security Consultant with over sixteen years experience. He has written many technology & security articles, some of which have been published in nationally circulated magazines & periodicals.

Three-pronged Trojan attack threatens security on the Internet.

Written by MicroWorld Technologies Inc.

Continued from page 1

Mitglieder putsrepparttar system under complete control ofrepparttar 141647 attacker by openingrepparttar 141648 'backdoor' on a port using whichrepparttar 141649 attacker can updaterepparttar 141650 Trojan, to stay a step ahead of attempts to remove it, download and execute files, initiate an SMTP server to relay spam, execute files onrepparttar 141651 infected computer and download and execute files via an URL. "This is what makes it scary," say Aarti, Assistant Manager, QA, MicroWorld Technologies. "The fact thatrepparttar 141652 system can now be used as a remote controlled 'soldier' (bot) in an army (botnet) of similarly compromised machines to launch criminally motivated attacks, causing harm to Internet users."

Botnets thus formed can among other things, use your machine to launch Distributed Denial of service attacks which overload servers, making them crash, to send out spam, spread new Malware, plant Keylogger to retrieve your personal information like identity, passwords, account numbers etc., install Spyware, manipulate online polls/games, abuse programs like Google AdSense to cheat advertisers of revenue, and install Advertisement Addons for financial gain as in fake websites advertising services that don't exist.

"Botnets can even encompass over 50,000 host machines. The potential for mischief is huge," reflects Govind Rammurthy. "Such a three-pronged Trojan attack where attackers change their virus code and release viruses quickly to bypass virus signature scanners, then disable network access to denyrepparttar 141653 user link-ups to anti-virus and Microsoft Windows Update site for protection has huge significance for virus-signature based protection. It is a sign of things to come," he says, rememberingrepparttar 141654 scramble at MicroWorld labs to update their products to detect and removerepparttar 141655 three Trojans.

Anti-virus updates forrepparttar 141656 three-pronged Trojan threat are available at MicroWorld Technologies site. Mayberepparttar 141657 time for worrying about some pimply teenager turning out malicious code because they have nothing better to do on a nice sunny morning, is over. The world could be facing a determined organized crime syndicate who'll stop at nothing to get what they want - information precious to you.

For more information visit or write to

MicroWorld Technologies is one of the leading solution providers for Information Technology, Content Security and Communications Software.

    <Back to Page 1 © 2005
Terms of Use