Chapter 2. Attackers and Risks
private networks and services. Unfortunately, many applications and services (such as telnet and FTP)
transmit passwords in plain text (also known as clear text) which makes them vulnerable to these
network sniffing applications.
Encryption is a general method of scrambling data, such as passwords, in order to protect it in the event
of interception. Depending on the encryption method used, it could conceivably take a cracker several
thousand years to decrypt the data using conventional methods. Most encryption methods are done
between the client application and the server, making the process transparent to all users. However,
encryption is something that most people do not understand. Administrators feel that it is a nuisance
to integrate into their network services, even though, in most cases, encrypting network traffic can be
a relatively simple procedure. The advantages of using encryption vastly outweigh its liabilities.
2.2.3. Wireless Local Area Networks (WLANs)
The popularity of mobile technology has prompted engineers to develop new ways of connecting to
and communicating with others. Cellular and radio frequency (RF) technology has ushered in a new age
of wireless communication that boasts competitive speeds and functionality compared to wired or
cabled communication solutions.
The recent IEEE 802.11b wireless protocol (Wi-Fi) has become an industry standard for users who
need a more mobile networking solution. The 802.11b standard uses 2.4 GHz Direct Sequence Spread
Spectrum (DSSS) frequency for communication. It also uses 40-bit Wired Equivalent Privacy (WEP)
encryption of all data traffic. It seems to be the ideal solution for users who move frequently or do not
have access to traditional RJ-45 or RJ-11 cabling lines.
There have been recent reports, however, that dispute the relative security of 802.11b and other WLAN
technologies. One major drawback of wireless networking is that most wireless network interface
cards (NICs) must be operated in promiscuous mode; that is, data packets must continually be
broadcast in order for the wireless NIC to transmit and receive the packets that are intended for it.
Moreover, the WEP encryption built into 802.11b NICs and Access Points is, by many estimates,
a weak form of encryption that can be cracked using standard desktop or laptop PCs. Many WLAN
administrators do not even enable the WEP encryption, making the ability to intercept data even easier.
For general information on wireless security, refer to Chapter 8.
2.3. Threats To Server Security
Server security is as important as network security because servers can hold most or all of the
organization's vital information. If a server is compromised, all of its contents may become available
for the cracker to steal or manipulate at will. There are many ways that a server can be cracked. The
following sections detail some of the main issues.
2.3.1. Unused Services and Open Ports
By default, most operating systems install several pieces of commonly used software. Red Hat Linux,
for example, can install up to 1200 application and library packages in a single installation. While
most server administrators will not opt to install every single package in the distribution, they will
install a base installation of packages, including several server applications.
A common occurrence among system administrators is to install an operating system without knowing
what is actually being installed. This can be troublesome, as most operating systems will not only
install the applications, but also set up a base configuration and turn services on. This can cause
unwanted services, such as telnet, DHCP, or DNS to be running on a server or workstation without the
administrator realizing it, leading to unwanted traffic to the server or even a path into the system for
crackers. See Chapter 5 for information on closing ports and disabling unused services.
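The following is an added example, not part of the original guide: a small audit that lists listening TCP sockets in the /proc/net/tcp format and reports any port that is not on an administrator's allowlist, such as a telnet or DNS service turned on by a default installation. The sample data and the ALLOWED_PORTS policy are constructed for illustration, and the address decoding assumes a little-endian host such as x86.

```python
import socket
import struct

LISTEN = "0A"          # state code for a listening socket in /proc/net/tcp
ALLOWED_PORTS = {22}   # hypothetical policy: only SSH is expected on this host

# Constructed sample in /proc/net/tcp layout (not captured from a real host):
# ssh and telnet on all interfaces, DNS on loopback, one established session.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 00000000:0017 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002
   2: 0100007F:0035 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003
   3: 0A00000A:0016 1400000A:C350 01 00000000:00000000 00:00000000 00000000     0        0 1004
"""

def parse_listeners(proc_text):
    """Return sorted (ip, port) pairs for every socket in the LISTEN state."""
    listeners = set()
    for line in proc_text.splitlines()[1:]:      # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != LISTEN:
            continue                             # not listening (e.g. established)
        hex_ip, hex_port = fields[1].split(":")
        # Assumption: little-endian host, so the 32-bit address is byte-swapped.
        ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
        listeners.add((ip, int(hex_port, 16)))
    return sorted(listeners)

def unexpected_listeners(proc_text, allowed_ports):
    """Return (ip, port, exposed) for listeners whose port is not allowed.

    exposed is True when the socket is bound to a non-loopback address and
    is therefore reachable from the network.
    """
    findings = []
    for ip, port in parse_listeners(proc_text):
        if port not in allowed_ports:
            findings.append((ip, port, not ip.startswith("127.")))
    return findings

if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:        # live data on a Linux host
            text = fh.read()
    except OSError:
        text = SAMPLE_PROC_NET_TCP               # fall back to the constructed sample
    for ip, port, exposed in unexpected_listeners(text, ALLOWED_PORTS):
        scope = "network-reachable" if exposed else "loopback only"
        print(f"unexpected listener {ip}:{port} ({scope})")
```

Only IPv4 TCP listeners are covered; IPv6 and UDP sockets appear in /proc/net/tcp6 and /proc/net/udp, which use different address widths and state semantics.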