Hack in Progress - InformationWeek
Hardware & Infrastructure
04:10 PM
IP Intelligence: The Utility Player for Your Online Business
Aug 31, 2017
Join us as we explore the many benefits of IP Intelligence, and how you can use IPI to improve you ...Read More>>

Hack in Progress

Just how easy is it to break into your company's networks? Hire a hacker, then sit tight.

After exposing and explaining that vulnerability, Breed focuses on another available server he found. It appears to be a system used by IT administrators for remote access. After he types a few commands, a logon screen for a remote terminal appears: It's Real VNC 3.3.7.

"What is that, and why can he access it?" asks the company director. The IT manager explains that it's a remote-system-administration tool, something their IT people use to make system changes without having to actually sit at the terminal. The IT manager then looks at Breed and says, "You'll never guess that password."


What the ethical hacker has on hand:
  • Ethereal: Free network-protocol analyzer that runs on Unix and Windows. It can analyze network traffic in real time or from a saved file.

  • NetStumbler: Free tool that can find wireless networks.

  • Nmap: Network Mapper, a tool to analyze a network for the operating systems, servers, types of services and ports, and packet filters and firewalls in place.

  • Netcat: Free network-analysis tool.

  • Nikto: Web-server scanner that tests servers for potential vulnerabilities that could allow a hacker easy entry.

  • Nessus: Free remote security scanner. It attempts to examine a network for vulnerabilities that could let bad guys in.

  • Data: InformationWeek

    After several failed attempts Breed agrees, but explains that these systems often don't record failed logon attempts. "You can grind against this forever, and you wouldn't know. Again, it's just a matter of time," he says. And once inside, it's like "walking into the data center and physically sitting at the server."

    By the end of the evening, the company's director is surprised at how far Breed was able to intrude into the network--and what could have happened, given more time. The IT manager is resolute, knowing the work that's ahead. "I thought I was going to be off this weekend," he says.

    Breed explains that reaching the internal systems he did over the Internet was made possible by a router misconfiguration--the reason behind the flaw couldn't be determined--that enabled traffic from the Internet to flow into the internal systems of the company's network. "This dispels one of the popular security myths: that a company can focus only on securing its perimeter and remain secure."

    A few days after the assessment, the company's director says the first thing she did was change her password. "If someone was intent on cracking that password, they probably could have. It was the initials of my kids," she says. "I take password security seriously, and I'll use stronger passwords and change them more frequently from now on." She had most of the company's VPs do the same thing.

    Password security isn't the only thing that will change. "We're a growing company, and it's clear we have to get better security policies in place," she says. "You may think something is set up one way, but without looking, you just don't know." Breed may have gotten closer to the company's main systems than he thought. "That one server he got into, that one is connected to our main server," the director says. "That's been changed." And the misconfigured router that allowed the unauthorized access? "That still remains a mystery. We don't know who made that change," she says. The company has since patched that opening.

    Now, change controls and regular security assessments will be part of the company routine. Says the IT manager: "Thank God we did this."

    3 of 3
    Comment  | 
    Print  | 
    More Insights
    Oldest First  |  Newest First  |  Threaded View
    How Enterprises Are Attacking the IT Security Enterprise
    How Enterprises Are Attacking the IT Security Enterprise
    To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
    Register for InformationWeek Newsletters
    White Papers
    Current Issue
    IT Strategies to Conquer the Cloud
    Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
    Twitter Feed
    Sponsored Live Streaming Video
    Everything You've Been Told About Mobility Is Wrong
    Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
    Flash Poll