63% of website owners don't know how they were hacked!

    http://www.zdnet.com/blog/security/6...e-hacked/10986

    I'll wager that Steve could tell horror stories about this ...
    "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people."
    – John F. Kennedy, February 26, 1962.

    #2
    Scarier still, is that a larger percentage probably don't even care!
    Windows no longer obstructs my view.
    Using Kubuntu Linux since March 23, 2007.
    "It is a capital mistake to theorize before one has data." - Sherlock Holmes



      #3
      Originally posted by GreyGeek:
      I'll wager that Steve could tell horror stories about this ...
      Here's one. Not about a web server, but still good.

      A customer once liked to display all of the company's shiny computer gear behind a large plate-glass window that faced the street (complete with labels indicating the telephone numbers of all the modems, but that's a different problem). One day, some thugs decided to help themselves to a computer, so they smashed their pickup truck through the window, snatched the first computer they saw, threw it into the back of the truck, and sped away. It just so happened that this computer was...a domain controller! The customer called the police and described the truck and the theft. The police found the thieves, recovered the computer, and returned it to the customer, who proceeded to reconnect it to the network. Alas, a very unwise decision.

      Think about it for a moment: a bad guy had physical access to the system that is the source of authority for every security principal in your forest. Who knows what he's done? Here are some possibilities:
      • Extract password hashes from the Active Directory database (no need to crack the passwords themselves now).
      • Install a malicious self-replicating virus or other malware.
      • Add rogue user, service, and administrator accounts.
      • Create or modify logon scripts.


      Honestly, this is a machine you can no longer trust. And if the bad guy still possesses the computer, manages to reconnect that Typhoid Mary of a domain controller back to your network, and forces a replication to the other DCs in the forest...well, it frightens me to think of the possible ramifications.
      I used that example numerous times during my security seminar days. (For those not versed in Windows infrastructure: a domain controller authenticates logons and contains the user account database.)

      Speaking of which, you might be interested in this bit of reportage about one of my talks in 2007, in which I engage the audience in some thought about security trade-offs. The comments are interesting, too. I'm especially amused by those who seem to think that software security and national security have very little in common. Heh. Whether you're protecting a computer from an attacker, an airplane from a terrorist, or a nation from its enemies, the processes and analysis that inform risk assessment are very much alike.
      Last edited by SteveRiley; Mar 22, 2012, 01:54 AM.



        #4
        Hi Steve...

        Connected to the article you linked to was another one in which you felt like Microsoft had let down consumers by not shipping a firewall with XP when it was released. In all honesty, I don't feel let down. I don't think MS is obligated to include every known piece of software that a user might want when it ships an OS. At some level, a user must assume this responsibility and choose for himself/herself what to install or not install. XP is a pretty decent OS that I still work with on a regular basis. It along with 7 are perhaps my favorites. :-)

        In other news, I found this article in my local paper concerning HP.

        Regards...
        Our Lord and Savior Jesus Christ loves and cares about you most of all! http://peacewithgod.jesus.net/
        How do I know this personally? Please read here: https://www.linuxquestions.org/quest...hn-8-12-36442/
        PLEASE LISTEN TO THIS PODCAST! You don't have to end up here: https://soulchoiceministries.org/pod...i-see-in-hell/



          #5
          The reportage from APCmag can sometimes be spotty; and at one time, that journalist and I didn't get along -- although we now enjoy each other's company very much.

          Some context for that article: I had given another talk at the same event highlighting the improvements in the networking stack in Vista. One of the areas I covered was the new firewall. As an aside, I reminded people that XP also had a firewall, which was switched on by default with XP Service Pack 2. Before then, in the original release of XP and in Service Pack 1, the firewall was not enabled out of the box. That's my "we let you down" summary. Although I was not involved in that decision, in hindsight it was a poor one. For if the firewall had been enabled by default, then Nimda, Beast, Blaster, Agobot, and Sasser (among others) would have been quickly thwarted.

          Because the Windows XP firewall only blocks inbound traffic that isn't a response to something your computer requested, there was very little risk that enabling the firewall would cause application breakage. And indeed, when SP 2 started rolling onto machines, the firewall was largely unnoticed. So, yeah, leaving it disabled at RTM was a mistake.

          (The firewall in Vista and 7 behaves much like in XP. It also offers a more sophisticated configuration mode, one that allows users to create outbound rules. But don't imagine this extra functionality will enhance security; in a TechNet Magazine article I explain why outbound rules as a protection mechanism are pure security theater. They do provide utility for administratively blocking traffic you know you don't want to permit, though, which I also explain.)

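The behaviour Steve describes above (the XP SP2 firewall blocks inbound traffic unless it is a response to something the host itself sent) is stateful inbound filtering. The following is an added illustration, not code from this thread and not Microsoft's implementation: a deliberately small connection tracker over constructed packets. The addresses, ports and the `StatefulInboundFilter` class are all invented for the example; a real host firewall also ages flows out, follows TCP state, and has an administrator-managed exception list, none of which is modelled here.

```python
"""Added example (not from the forum thread): a minimal model of the stateful
inbound filtering described for the Windows XP SP2 firewall. Outbound packets
from the protected host create flow-table entries; an inbound packet is allowed
only when it is the reverse of a flow the host initiated. Everything else
inbound is dropped, which is why enabling it rarely broke client applications."""

from dataclasses import dataclass

# Constructed address for the protected host (RFC 5737 documentation range).
HOST = "192.0.2.10"


@dataclass(frozen=True)
class Packet:
    proto: str   # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int


class StatefulInboundFilter:
    """Remembers flows the host opened; admits inbound traffic only as replies."""

    def __init__(self, host: str):
        self.host = host
        self.flows: set[tuple] = set()

    def process(self, pkt: Packet) -> str:
        if pkt.src == self.host:
            # Outbound: record the flow so the peer's reply can come back in.
            self.flows.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "allow-outbound"
        # Inbound: allowed only if it exactly reverses a flow we initiated
        # (same protocol, and the peer's address/port match what we talked to).
        reverse = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if reverse in self.flows:
            return "allow-reply"
        return "drop-unsolicited"


def run_sample() -> list[str]:
    """Runs a constructed packet sequence through the filter; returns verdicts."""
    fw = StatefulInboundFilter(HOST)
    sample = [
        Packet("tcp", HOST, 49152, "198.51.100.7", 80),    # host opens a web connection
        Packet("tcp", "198.51.100.7", 80, HOST, 49152),    # web server's reply
        Packet("tcp", "203.0.113.9", 4444, HOST, 135),     # unsolicited inbound to RPC
        Packet("udp", HOST, 53001, "198.51.100.53", 53),   # DNS query out
        Packet("udp", "198.51.100.53", 53, HOST, 53001),   # matching DNS answer
        Packet("udp", "203.0.113.9", 53, HOST, 53001),     # answer from a host we never asked
    ]
    return [fw.process(p) for p in sample]


if __name__ == "__main__":
    for verdict in run_sample():
        print(verdict)
```

The two dropped packets are the interesting ones: the unsolicited connection attempt to port 135 is exactly the kind of traffic a default-on inbound filter stops without any user interaction, and the UDP answer from the wrong source is rejected because the flow key includes the peer, not just the host's own port.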


            #6
            Originally posted by SteveRiley:
            Some context for that article: I had given another talk at the same event highlighting the improvements in the networking stack in Vista. One of the areas I covered was the new firewall. As an aside, I reminded people that XP also had a firewall, which was switched on by default with XP Service Pack 2. Before then, in the original release of XP and in Service Pack 1, the firewall was not enabled out of the box. That's my "we let you down" summary. Although I was not involved in that decision, in hindsight it was a poor one. For if the firewall had been enabled by default, then Nimda, Beast, Blaster, Agobot, and Sasser (among others) would have been quickly thwarted.
            Ah, thank you for this clarification. :-)

            Regards...



              #7
              Originally posted by SteveRiley:
              Here's one. Not about a web server, but still good.


              I used that example numerous times during my security seminar days. (For those not versed in Windows infrastructure: a domain controller authenticates logons and contains the user account database.)

              Speaking of which, you might be interested in this bit of reportage about one of my talks in 2007, in which I engage the audience in some thought about security trade-offs. The comments are interesting, too. I'm especially amused by those who seem to think that software security and national security have very little in common. Heh. Whether you're protecting a computer from an attacker, an airplane from a terrorist, or a nation from its enemies, the processes and analysis that inform risk assessment are very much alike.
              You're assuming that these "thugs" actually have the intelligence to be able to do what you suggested. Most smash-and-grab robberies usually just nick items to sell, then use the money to buy drugs.



                #8
                Originally posted by nickstonefan:
                You're assuming that these "thugs" actually have the intelligence to be able to do what you suggested. Most smash-and-grab robberies usually just nick items to sell, then use the money to buy drugs.
                I totally agree, and anybody who knows anything about those kinds of crimes probably would too. So, that makes it a perfect cover, doesn't it?



                  #9
                  In addition to what Ardvark71 noticed, there was another link to a 2007 story about the "decline of the PC". FIVE YEARS AGO there were prophets of doom about the PC.

                  I have no doubt that five years from now the x86 will still be a major player in the F500-F1000, and SOHO. If I outlive the x86 I'll probably stop using computers, IF I remember what they are when that happens.



                    #10
                    Originally posted by GreyGeek:
                    In addition to what Ardvark71 noticed, there was another link to a 2007 story about the "decline of the PC". FIVE YEARS AGO there were prophets of doom about the PC.

                    I have no doubt that five years from now the x86 will still be a major player in the F500-F1000, and SOHO. If I outlive the x86 I'll probably stop using computers, IF I remember what they are when that happens.
                    Very few things actually "die". Decline, yes, but things stay around. These "prophets of doom" are just salesmen saying you should get something new. COBOL still employs a million coders, and DOS is still being developed and has newly written applications. In fact, the original IBM PC (8088) is currently selling for $200 - $500, so I agree, the more recent x86 will be here for a while.

                    More on topic: the article on web sites being hacked is interesting, but after reading the PDF I'm still having a hard time getting a solid idea of what is to be learnt from their study. Perhaps it is that many web site owners are not aware of how to ensure the security of their site, though it is not clear what percentage that would be. It does seem like some are completely unknowing, but many admit likely security errors like carrying malware with their own login, or not watching for flaws with major content software like WordPress. What did seem interesting to me is the number of hosting companies who apparently are not very concerned. I'm personally a minor player with less than a dozen web sites, but I certainly rely on my provider taking security from their side very seriously. I think, for their own sake, that reputable hosting companies do.
