20
Chapter 2. Attackers and Risks
2.3.2. Unpatched Services
Most server applications that are included in a default Red Hat Linux installation are solid, thoroughly
tested pieces of software. Many of the server applications have been in use in production environments
for many years, and their code has been refined over time, with many of the bugs found and fixed.
However, there is no such thing as perfect software, and there is always room for further refinement.
Moreover, newer software is often not as rigorously tested as one might expect, due to its recent
arrival in production environments or because it may not be as popular as other server software.
Developers and system administrators often find exploitable bugs in server applications and publish
the information on bug tracking and security-related websites such as the Bugtraq mailing list or the
Computer Emergency Response Team website. CERT and Bugtraq normally alert interested parties
to the vulnerabilities. However, even then, it is up to system administrators to patch and fix these
bugs whenever they are made public, as crackers also have access to these vulnerability tracking
services and will use such information to crack unpatched systems wherever they can. Good system
administration requires vigilance, constant tracking of bugs, and proper system maintenance to ensure
a secure computing environment.
2.3.3. Inattentive Administration
Similar to server applications which languish unpatched by developers are administrators who fail to
patch their systems or are too ignorant to do so. According to the System Administration Network and
Security Institute (SANS), the primary cause of computer security vulnerability is to "assign untrained
people to maintain security and provide neither the training nor the time to make it possible to do the
job." [1]
This applies as much to inexperienced administrators as it does to overconfident or unmotivated
administrators.
Some administrators fail to patch their servers and workstations, while others fail to watch log
messages from their system kernel or from network traffic. Another common error is to leave the default
passwords or keys in services that have such authentication methods built into them. For example,
some databases leave default administration passwords under the assumption that the system
administrator will change this immediately upon configuration. Even an inexperienced cracker can use the
widely known default password to gain administrative privileges to the database. These are just a few
examples of inattentive administration that can eventually lead to a compromised system.
2.3.4. Inherently Insecure Services
Even the most vigilant organization that does their job well and keeps up with their daily
responsibilities can fall victim to vulnerabilities if the services they choose for their network are inherently
insecure. There are certain services that were developed under the assumption that they will be used
over trusted networks; however, this assumption falls short as soon as the service becomes available
over the Internet.
Some examples of inherently insecure services include servers that require passwords or passphrases
for authentication (in itself, a secure feature), but fail to encrypt the passwords as they are sent over
the wire to the authenticating service. Telnet and FTP are two such services. A packet sniffing device
set between a remote user and the telnet server can easily be set to steal passwords (especially if the
telnet user happens to switch to an administrative user during a telnet session).
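As an added example (not code from the Red Hat Linux Security Guide), the following detector scans captured TCP segments for the exposure just described: FTP USER/PASS commands and telnet password entry crossing the wire in the clear. The addresses, client ports and capture contents are constructed; only the well-known ports 21 and 23 come from the protocols themselves.

```python
# Added example, not from the Red Hat Linux Security Guide: scan captured TCP segments
# for passwords that FTP and telnet send in the clear. The capture at the bottom is constructed.
IAC = 0xFF  # telnet "Interpret As Command" byte: starts an option-negotiation sequence

def strip_telnet_negotiation(payload):
    """Drop IAC sequences so only the text a user would see remains."""
    out, i = bytearray(), 0
    while i < len(payload):
        if payload[i] == IAC and i + 1 < len(payload):
            cmd = payload[i + 1]
            if cmd == IAC:                        # IAC IAC is an escaped literal 0xFF
                out.append(IAC)
            i += 3 if 251 <= cmd <= 254 else 2    # WILL/WONT/DO/DONT carry one option byte
        else:
            out.append(payload[i])
            i += 1
    return bytes(out)

def find_cleartext_logins(segments):
    """One alert per password seen on the wire; the password itself is never logged.
    Each segment is a tuple (src_ip, src_port, dst_ip, dst_port, payload)."""
    alerts, ftp_user, telnet_buf = [], {}, {}     # per client->server flow state
    for src, sport, dst, dport, payload in segments:
        if dport == 21:  # FTP control channel: commands are "VERB arg\r\n"
            for line in payload.decode("ascii", "replace").split("\r\n"):
                verb, _, arg = line.partition(" ")
                if verb.upper() == "USER":
                    ftp_user[(src, dst)] = arg
                elif verb.upper() == "PASS":
                    user = ftp_user.pop((src, dst), "?")
                    alerts.append(f"FTP: cleartext password for user '{user}' {src}->{dst} ({len(arg)} chars)")
        elif sport == 23 and b"assword:" in strip_telnet_negotiation(payload):
            telnet_buf[(dst, src)] = bytearray()  # server prompted; the client's reply is the password
        elif dport == 23 and (src, dst) in telnet_buf:
            buf = telnet_buf[(src, dst)]
            buf += strip_telnet_negotiation(payload)  # clients often send one keystroke per segment
            if b"\r" in buf:
                pw = bytes(buf).split(b"\r", 1)[0]
                alerts.append(f"telnet: cleartext password {src}->{dst} ({len(pw)} chars)")
                del telnet_buf[(src, dst)]
    return alerts

# Constructed capture: an FTP login, then a telnet login, client 10.0.0.5 -> server 10.0.0.9
SAMPLE = [
    ("10.0.0.5", 40001, "10.0.0.9", 21, b"USER alice\r\n"),
    ("10.0.0.5", 40001, "10.0.0.9", 21, b"PASS hunter2\r\n"),
    ("10.0.0.9", 23, "10.0.0.5", 40002, b"\xff\xfd\x18Password: "),  # IAC DO TERMINAL-TYPE, then prompt
    ("10.0.0.5", 40002, "10.0.0.9", 23, b"s3cr"),
    ("10.0.0.5", 40002, "10.0.0.9", 23, b"et\r\n"),
]
```

Running `find_cleartext_logins(SAMPLE)` yields one alert for each login; the same logic is what a network IDS rule for these protocols reduces to, and an empty result on a segment that an SSH or FTPS session would carry is the point of replacing them.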
The services noted above can also more easily fall prey to what the security industry terms the
man-in-the-middle attack. In this type of attack, a cracker redirects network traffic by tricking a cracked name
server on the network to point to his machine instead of the intended server. Once someone opens
a remote session to that server, the attacker's machine acts as an invisible conduit, sitting quietly
1. Source: http://www.sans.org/newlook/resources/errors.html