Summary: 'Anatomy of a Hack -- The Rise and Fall of Your Network'

18 Aug 2005 | Addison-Wesley Professional

The following excerpt is from Chapter 2 of "Protect Your Windows Network from Perimeter to Data" written by Jesper Johansson and Steve Riley.

In this chapter we have examined, in rather excruciating detail, how a network may get hacked. This chapter does not prove that Windows-based networks are any less secure than any other network. Although the specifics of the attack demonstrated in this chapter are unique to Windows, minor modifications to the techniques and a new tool set would make the same compromise possible on any network running any platform. The problem is not the platform, it is in the practices. All platforms are securable, but all networks are exploitable if they are not architected and implemented carefully. The techniques may vary, but the end result does not. Poor implementation is poor implementation, regardless of the underlying platform.

We also showed that exploiting a network is entirely possible using only operational security problems. Note that we did not exploit a single vulnerability in the platform. The only actual programmatic vulnerability we exploited was in a custom Web application. We even were able to do this on a network where every host was fully patched! Patching alone is not the be-all and end-all of security. Patching is critical, but it is also important to understand what you accomplish by patching; it just allows you to focus on the architecture and implementation of your network.

Finally, we cannot stress enough that understanding the patterns and practices that an attacker exploits is crucial to understanding how to protect a network. This does not mean that the system and security administrators need to be capable of actually exploiting all these problems. They just need to understand what an attacker can do with them to gain an appreciation for how to protect against them. In the end, do we need to protect against all of these problems? No, probably not. It is all about risk management. In Chapter 4, "Developing Security Policies," we discuss security policies. Your security policy needs to cover which types of risks you are willing to accept to gain some functionality and ease of use. Do not forget the fundamental tradeoff between security, usability, and cost. Since most networks are designed in the face of limited resources, the policy needs to tell us which tradeoffs are acceptable. The rest of the book deals with all of these issues -- and ultimately helps you design and implement networks protected against the risks you are unwilling to absorb.

What you should do today

  • Investigate the security practices of any business partners who have connections into your network.
  • Close down all unnecessary holes in your firewall.
  • Filter outbound traffic on your firewall.
  • Patch everything.
  • Start thinking about attack-surface reduction on your hosts.

