Tuesday, January 25, 2022

Hazards of Hooking Up

 Hazards of Hooking Up
Know your users: Hackers aren't the only ones you should fear
By Al Berg
--------------------------------------------------------------------------------
The following list covers the top threats the Internet poses to corporate LANs. The information is drawn from interviews with three computer-security experts: Winn Schwartau, "Simple Nomad," and William Cheswick (see " Panel of Experts ," Page 31).
Legitimate users sending out proprietary information. All the security measures in the world will not thwart attackers if users are sending out--unwittingly or not--information that hostile outsiders need or want. Now, thanks to search tools such as Yahoo! Inc.'s Yahoo! and Digital Equipment Corp.'s AltaVista, hackers can even mine isolated postings to USENET for valuable information.

Legitimate users bringing in harmful information. Internet and Worl d Wide Web surfers can easily bring back viruses and Trojan horse programs. Surfing the Web can also hinder network performance and drain computing resources.

Packet sniffing. Hackers can learn a lot about your network simply by watching and analyzing traffic on the LAN. The main line of defense is a solid firewall implementation. Cheswick suggests using a protocol analyzer to "sniff" your LAN to see what would-be attackers can see and to learn to recognize abnormal activity.

Human error. "Misconfigured servers showing more than they should to legitimate users, as well as outside users" are just what the average hacker is looking for, says Simple Nomad. Hackers know the typical configuration errors that LAN managers make and how to exploit them.

Lack of strong user identification. "If you use passwords, you will lose," says Schwartau. He suggests a stronger means of authentication, such as hardware and software tokens and one-time, nonsniffable dynamic passwords.

Users running servers of which they are unaware. Today's desktop OSes include file sharing, and users may not realize that intruders can easily access misconfigured workstations.

Blind faith in firewall packages. According to Schwartau, commercial firewalls are regularly breached, and the majority of firewall software is "not very good." He attributes this to the lack of a layered system of "interwalls" to protect the network in case the outer defenses of the main Internet firewall are attacked. (See " Firewalls: Defending the Front Line ," Page 49.)

Bugs in commercial software. Because most Internet-connected LANs are running off-the-shelf software, a software bug in one of these packages can easily open the door to hackers.