Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Security Features

Introduction

The unfortunate bottom line of networking security problems is that hacking happens because it is allowed to happen. Most cases of fraud could have been prevented if people had just adhered to sensible protocols and properly implemented available security solutions. It cannot be stressed enough that the big problem with IT security is people - you, me, and the vast majority of people in the world who interface with IT systems.

It is far easier to get vital information from a person than it is to extract it from a well organized and protected computer system. That's seems like a fantastic statement, but it is absolutely true. If a complete security architecture is deployed, maintained and followed, then it is very difficult to penetrate systems. But humans are another problem entirely.

Absolute faith in a security system can ultimately be its greatest weakness, as people grow accustomed to it and fail to hold up their end of the bargain. Every wall has a gate through which people can walk; conventional hacking involves breaking this gate down. Social engineering is getting the gate keepers to wave you past with a smile on their faces.

To focus your mind for the next couple of minutes while you read through this article, let me tell you a story. For the distinct purpose of legality, I'm going to clearly state that this story is a figment of my imagination.

Hiding In Plain Sight

Suppose that I'm asked by a firm to configure some Internet application servers. This is a very high profile hacking target: an online financial institution.

I'm hired to work on a server farm. After introducing myself to the staff and conducting some initial meetings, I get to work at a console that is provided for me in the main IT area. I bring in my own laptop and configure it for DHCP and simply plug into the system. Out of habit, I run a quick scan looking for other devices that are running in promiscuous mode (sniffing) on the system. This might point to a previous or current visitor, or company security software looking for illegal activity on the network.

The server room is located several floors up, and all entrances and elevators are secured by access control cards, not unlike a credit card. For me to access this area I have to ask someone to accompany me and provide access by swiping their card. I need to do this a couple of times a day as the need arises.

Following a short period of working on site, everyone is tired of traveling around the building using their key cards to open doors and operate elevators on my behalf. Trust builds as familiarity breeds contempt, and within two weeks I'm getting a loan of employees' pass cards, and a short time later I have my own temporary key card.

More Stuff

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

I need to disable all CPU intensive aspects of OpenVPN, I understand this defeats the point of using a VPN, but I don't use a VPN to be "secure", per ...
So I'm assuming both stock and Merlin FW is susceptible to this attack, and that @RMerlin will fix it soon/first if it is?https://betanews.com/2019/06...
So I basically do not need the performance of the AX88, but I do need the extra Ethernet ports. Currently I have a AC88, which seems to fail port 5-8 ...
Does anyone know how to enable TLS v1.3 instead of TLS v1.2 in OpenVPN?Right now the control channels in my system log shows:Control Channel: TLSv1.2,...
Info: RT-AX88U - V384.11_2 Final FW - Uptime 29+ DaysWAN NAT Types: With Full Cone (was recommended for Open NAT for Steam Games as example):These ...

Don't Miss These

  • 1
  • 2
  • 3