Important, and sometimes critical documents left on web servers. Information that only internal or technical people should have access to;

Poor password and authentication policy. Users using weak passwords to access accounts, especially remote access devices that are present on Internet;

Test servers that have been forgotten about and are still present on Internet;

Poor network border architecture For instance; installing a firewall and forgetting that there are other network that need to be protected or should be placed behind firewall.

The above is just a handful of "Little Things" that get overlooked and can result in undoing of your networks security measures.

As an example; Many organizations provide their internal and external customers with a public FTP service. Most times, this is done to allow people to easily post "non-critical" or public information and share it with other associates.

Recently, I identified just such an FTP server. The server allowed anonymous logons, however it contained sub-directories that were secured. These secure directories were only accessible by people who owned account. It was obvious to me that I was not going to easily compromise these accounts. On other hand, sitting right in anonymous "root" directory was a .zip file that was rather large. I downloaded file, which took quite a while, unzipped it on my desktop, and guess what it contained? It was a compressed file of entire FTP server, including secure directories.

I would bore you with what I found within these directories. The bottom line is, I should have never had access to information they contained.

Conclusion ---------- The bottom line is this; it really is little things that will come back to haunt you when it comes to computer security. No system should ever be rushed into production. This is one of most common causes for poorly secured systems. The team in charge of implementing new technology needs to be educated on how to securely deploy new systems. And if you are installing support software from outside vendors, make sure you thoroughly review their products security features. Also, make sure they fully disclose any known bugs or improperly functioning features.

Mitglieder puts system under complete control of attacker by opening 'backdoor' on a port using which attacker can update Trojan, to stay a step ahead of attempts to remove it, download and execute files, initiate an SMTP server to relay spam, execute files on infected computer and download and execute files via an URL. "This is what makes it scary," say Aarti, Assistant Manager, QA, MicroWorld Technologies. "The fact that system can now be used as a remote controlled 'soldier' (bot) in an army (botnet) of similarly compromised machines to launch criminally motivated attacks, causing harm to Internet users."

Botnets thus formed can among other things, use your machine to launch Distributed Denial of service attacks which overload servers, making them crash, to send out spam, spread new Malware, plant Keylogger to retrieve your personal information like identity, passwords, account numbers etc., install Spyware, manipulate online polls/games, abuse programs like Google AdSense to cheat advertisers of revenue, and install Advertisement Addons for financial gain as in fake websites advertising services that don't exist.

"Botnets can even encompass over 50,000 host machines. The potential for mischief is huge," reflects Govind Rammurthy. "Such a three-pronged Trojan attack where attackers change their virus code and release viruses quickly to bypass virus signature scanners, then disable network access to deny user link-ups to anti-virus and Microsoft Windows Update site for protection has huge significance for virus-signature based protection. It is a sign of things to come," he says, remembering scramble at MicroWorld labs to update their products to detect and remove three Trojans.

Anti-virus updates for three-pronged Trojan threat are available at MicroWorld Technologies site. Maybe time for worrying about some pimply teenager turning out malicious code because they have nothing better to do on a nice sunny morning, is over. The world could be facing a determined organized crime syndicate who'll stop at nothing to get what they want - information precious to you.

For more information visit http://www.mwti.net or write to manish@mwti.net