Emmanuel Doryumu. Insiders - In many SMBs, business records and customer information is often...

NETWORK SECURITY AND HACKING Emmanuel Doryumu
  • date post

    15-Jan-2016


NETWORK SECURITY AND HACKING

Emmanuel Doryumu


TOP 10 NETWORK SECURITY THREATS TO BUSINESSES

Insiders - In many SMBs, business records and customer information are often entrusted to a single person. Without adequate checks and balances, including network system logs and automated reports, data loss from within can stretch over long periods of time.

Lack of Contingency Plans - One of the biggest threats to SMBs relates to the business impact following a hack, intrusion or virus. Many SMBs lack a data loss response policy or disaster recovery plan, leaving their business slow to recover and restart operations.

Unchanged Factory Defaults - Hackers publish and maintain exhaustive lists of default logins (username and password) to nearly every networked device, and can easily take control of network resources if the default factory configuration settings are not changed.


The Unsecured Home - In many small businesses, employees often take laptops home to work. In an unsecured home network environment, a business laptop can be dangerously exposed to viruses, attacks and malware applications.

Reckless Use of Public Networks - A common trick by attackers is to put up an unsecured wireless access point labeled, "Free Public Wi-Fi" and simply wait for a connection-starved road warrior to connect. With a packet sniffer enabled, an attacker silently sees everything the employee types, and is then able to utilize that data for personal gain.

Loss of Portable Devices - Much SMB data is compromised every year due to lost laptops, misplaced mobile devices and left-behind USB sticks. Although encryption of mobile device data and use of strong passwords would ease many of these losses, many SMB users simply fail to secure their mobile devices and data. http://news.cnet.com/8301-13579_3-20003308-37.html


Compromised Web Servers - Many SMBs host their own websites without adequate protection, leaving their business networks exposed to SQL injections and botnet attacks.

Reckless Web Surfing - Now more than ever, malware, spyware, keyloggers and spambots reside in harmless-looking websites. Employees who venture into supposedly safe sites may be unknowingly exposing their business networks to extreme threats.

Malicious HTML E-mail - No longer are attackers sending e-mails with malicious attachments. Today, the threat is hidden in HTML e-mail messages that include links to malicious, booby-trapped sites. A wrong click can easily lead to a drive-by download.

Unpatched Open to Known Exploits - More than 90 percent of automated attacks try to leverage known vulnerabilities. Although patches are issued regularly, a short-staffed SMB may fail to install the latest application updates and patches on its systems, leaving them vulnerable to an otherwise easily stopped attack.

SECURING YOUR WIRELESS NETWORK

Secure your wireless router or access point administration interface - Almost all routers and access points have an administrator password that's needed to log into the device and modify any configuration settings. Most devices use a weak default password like "password" or the manufacturer's name, and some don't have a default password at all. As soon as you set up a new WLAN router or access point, your first step should be to change the default password to something else.

Don't broadcast your SSID - Most WLAN access points and routers automatically (and continually) broadcast the network's name, or SSID (Service Set Identifier). This makes setting up wireless clients extremely convenient since you can locate a WLAN without having to know what it's called, but it will also make your WLAN visible to any wireless systems within range of it. Turning off SSID broadcast for your network makes it invisible to your neighbors and passers-by (though it will still be detectable by WLAN "sniffers").

Enable WPA encryption instead of WEP - 802.11's WEP (Wired Equivalent Privacy) encryption has well-known weaknesses that make it relatively easy for a determined user with the right equipment to crack the encryption and access the wireless network. A better way to protect your WLAN is with WPA (Wi-Fi Protected Access). WPA provides much better protection and is also easier to use, since your password characters aren't limited to 0-9 and A-F as they are with WEP. WPA support is built into Windows XP (with the latest Service Pack) and virtually all modern wireless hardware and operating systems. A more recent version, WPA2, is found in newer hardware and provides even stronger encryption, but you'll probably need to download an XP patch in order to use it.

Remember that WEP is better than nothing - If you find that some of your wireless devices only support WEP encryption (this is often the case with non-PC devices like media players, PDAs, and DVRs), avoid the temptation to skip encryption entirely because, in spite of its flaws, using WEP is still far superior to having no encryption at all. If you do use WEP, don't use an encryption key that's easy to guess, like a string of the same or consecutive numbers. Also, although it can be a pain, WEP users should change encryption keys often, preferably every week.

Reduce your WLAN transmitter power - You won't find this feature on all wireless routers and access points, but some allow you to lower the power of your WLAN transmitter and thus reduce the range of the signal. Although it's usually impossible to fine-tune a signal so precisely that it won't leak outside your home or business, with some trial-and-error you can often limit how far outside your premises the signal reaches, minimizing the opportunity for outsiders to access your WLAN.

Disable remote administration - Most WLAN routers have the ability to be remotely administered via the Internet. Ideally, you should use this feature only if it lets you define a specific IP address or limited range of addresses that will be able to access the router. Otherwise, almost anyone anywhere could potentially find and access your router. As a rule, unless you absolutely need this capability, it's best to keep remote administration turned off. (It's usually turned off by default, but it's always a good idea to check.)
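The checklist above, turned into an automated check over a router or access point settings export. This is an added example, not part of the original slides; the settings schema, the finding names, the `MAX_ADMIN_HOSTS` threshold and both sample configurations are assumptions made for illustration, and WEP keys are assumed to be given as hex digits.

```python
import ipaddress

MAX_ADMIN_HOSTS = 256  # assumption: what counts as a "limited range" of addresses

def weak_wep_key(key):
    """True for a hex key made of one repeated digit or of consecutive digits."""
    digits = [int(c, 16) for c in key]
    steps = {b - a for a, b in zip(digits, digits[1:])}
    return steps <= {0} or steps <= {1, -9}  # -9 covers the 9 -> 0 wrap

def audit_wlan(cfg):
    """Return finding codes for one router/AP settings dict (hypothetical schema)."""
    findings = []
    pw = cfg.get("admin_password", "").lower()
    # Empty, "password" or the manufacturer's name are the defaults named above.
    if pw in {"", "password", cfg.get("vendor", "").lower()}:
        findings.append("DEFAULT_ADMIN_PASSWORD")
    if cfg.get("ssid_broadcast", True):
        findings.append("SSID_BROADCAST_ON")
    enc = cfg.get("encryption", "none").lower()
    if enc == "none":
        findings.append("NO_ENCRYPTION")
    elif enc == "wep":
        findings.append("WEP_IN_USE")
        if weak_wep_key(cfg.get("wep_key", "")):
            findings.append("WEP_KEY_GUESSABLE")
    if cfg.get("remote_admin", False):
        nets = [ipaddress.ip_network(n, strict=False)
                for n in cfg.get("remote_admin_allow", [])]
        if not nets:
            findings.append("REMOTE_ADMIN_UNRESTRICTED")
        elif any(n.num_addresses > MAX_ADMIN_HOSTS for n in nets):
            findings.append("REMOTE_ADMIN_RANGE_TOO_WIDE")
    return findings

# Constructed sample settings, not taken from any real device.
FACTORY = {"vendor": "Acme", "admin_password": "acme", "ssid_broadcast": True,
           "encryption": "wep", "wep_key": "1234567890", "remote_admin": True}
HARDENED = {"vendor": "Acme", "admin_password": "t7#Lq9!vRz",
            "ssid_broadcast": False, "encryption": "wpa2",
            "remote_admin": True, "remote_admin_allow": ["203.0.113.10"]}

if __name__ == "__main__":
    for name, cfg in (("factory", FACTORY), ("hardened", HARDENED)):
        print(name, audit_wlan(cfg) or "no findings")
```
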


HACKING

is a person who breaks into computers, but does no harm, usually for fun or just the challenge


TYPES OF HACKING

Inside Jobs - Most security breaches originate inside the network that is under attack. Inside jobs include stealing passwords (which hackers then use or sell), performing industrial spying, causing harm (as irritated employees), or committing simple misuse. Sound policy enforcement and observant employees who guard their passwords and PCs can prevent many of these security breaches.

Rogue Access Points - Rogue access points (APs) are unsecured wireless access points that outsiders can easily breach. (Local hackers often advertise rogue APs to each other.) Rogue APs are most often connected by well-meaning but ignorant employees.

Back Doors - Hackers can gain access to a network by exploiting back doors: "administrative" shortcuts, configuration errors and unsecured dial-ups. With the aid of computerized searchers (bots), hackers can probably find any weakness in your network.

Viruses and Worms - Viruses and worms are self-replicating programs or code fragments that attach themselves to other programs (viruses) or machines (worms). Both viruses and worms attempt to shut down networks by flooding them with massive amounts of bogus traffic, usually through e-mail.

Trojan Horses - Trojan horses, which are attached to other programs, are the leading cause of all break-ins. When a user downloads and activates a Trojan horse, the hacked software kicks off a virus, password gobbler, or remote-control software that gives the hacker control of the PC.

Denial of Service - DoS attacks give hackers a way to bring down a network without gaining internal access.

Anarchists, Crackers, and Kiddies - Who are these people, and why are they attacking your network?

Anarchists are people who just like to break stuff. They usually exploit any target of opportunity.

Crackers are hobbyists or professionals who break passwords and develop Trojan horses.

Script kiddies are hacker wannabes. They have no real hacker skills.

Other attackers include employees, terrorists, political operatives, or anyone else who feels slighted, exploited, ripped off, or unloved.

Sniffing and Spoofing - Sniffing refers to the act of intercepting TCP packets. This interception can happen through simple eavesdropping or something more sinister.

Spoofing is the act of sending an illegitimate packet with an expected acknowledgment (ACK), which a hacker can guess, predict, or obtain by snooping.


SIGNS YOUR COMPUTER IS HACKED

Hackers disable your Daylight Savings Time.

If your computer system occasionally re-boots on its own, again, the hacker may need to update their Hosts and Servers to make the computer system function properly.

You find your CD-ROM drive open and close without your permission.

You could hear an annoying beep coming from your system speakers.

Your Windows screen goes horizontal or vertical.

The screen saver picture changes without your permission.

On occasion your mouse is out of your control. This could also be