Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Security Features

Nirvana

In the server room, I go to the KVM switch to access my servers. There I find all kinds of devices running, logged in - and completely unattended. Device #1 is a newly-built Win 2003 server in default state; device #2 is the mail server, and is logged in; devices 3, 4 and 5 are my servers, and other devices, one with a Cisco firewall dashboard on-screen, all open for business. One machine that was locked sat there like a magnet. For the fun of it I tried the administrator password from the servers that I was working on and would you believe it, I got in - with a common password! Absolute total hacking nirvana!

For my convenience, I needed to have remote command line access to my target servers to stop and start specific server processes. I'm not a lover of VNC so I put on Netcat and configured it to run as a remote command shell. Absolute complete hacking orgasm!!!

So here I am, an Average Joe consultant, and after a very short time, I have root access to everything that matters in that organization. I've essentially hacked nothing, in the electronic sense of the word.

Such trust is stunning, and very, very foolish. I'm a good guy and I took it to the IT manager who wasn't at all impressed that I raised the issue. Having completed my contract I went on to other things, returning to this firm several months later for a routine server health check.

I couldn't resist asking the obvious question: what had changed since my last visit? Well I found that all the servers were no longer left idly open as they had been before. But it didn't really matter, because they all still had the same administrator password.

Stop Being Polite, And Stop Worrying About Convenience!

The door that takes ten seconds to close is a gateway to any area that is subject to controlled access. Someone swipes their card and quickly swing the door open and walks through; this leaves an opportunity for illicit access by an intruder ghosting the door.

Worse, consider the polite employee who sees a beautiful girl coming up behind him, laden with a heavy briefcase, and holds the door open with a smile. Or how about the network that allows anyone to configure for DHCP and then lets them plug and play from any terminal?

How about the simple example of someone sitting at their desk and getting a call from "The IT department." The warm voice says, "Hi there, I just need your username and password" - that probably wouldn't work, right? Well, what if the person has scoped you out ahead of time, and perhaps knows something about you or your family, and starts off the conversation with "I was out with your wife at the book club last night, she was telling me all about such and such..." This goes on for three minutes and the person, too polite to say "Umm, sorry, but I don't actually know who the hell you are..." develops a sense of trust with this person. When the "IT person" then drops that request for a password or similar, they are much more likely to hand it over.

More Stuff

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

https://www.amazon.com/dp/B07HM6KJN8/?tag=snbforums-20Cyber Monday Sale
can someone please explain the difference between an rt ac 88 u and an rt ax 88 .I know the rx has faster VPN capability but surely there must be more...
https://fccid.io/MSQ-RTAXI600
First I want to start by saying I do not have qos turned onI purchased the rp-ac1900 to add better wifi upstairs - I have a 400mbps connection that te...
Asuswrt-Merlin 384.19 is now available for all supported models, except for the RT-AX56U (no up-to-date GPL available for that model).The main changes...

Don't Miss These

  • 1
  • 2
  • 3