Just how easy is it to break into your company's networks? Hire a hacker, then sit tight.

George V. Hulme, Contributor

September 5, 2003

3 Min Read

After exposing and explaining that vulnerability, Breed focuses on another available server he found. It appears to be a system used by IT administrators for remote access. After he types a few commands, a logon screen for a remote terminal appears: It's Real VNC 3.3.7.

"What is that, and why can he access it?" asks the company director. The IT manager explains that it's a remote-system-administration tool, something their IT people use to make system changes without having to actually sit at the terminal. The IT manager then looks at Breed and says, "You'll never guess that password."

TOOLS OF THE TRADE

What the ethical hacker has on hand:

  • Ethereal: Free network-protocol analyzer that runs on Unix and Windows. It can analyze network traffic in real time or from a saved file.



  • NetStumbler: Free tool that can find wireless networks.



  • Nmap: Network Mapper, a tool to analyze a network for the operating systems, servers, types of services and ports, and packet filters and firewalls in place.



  • Netcat: Free network-analysis tool.

  • Nikto: Web-server scanner that tests servers for potential vulnerabilities that could allow a hacker easy entry.



  • Nessus: Free remote security scanner. It attempts to examine a network for vulnerabilities that could let bad guys in.



Data: InformationWeek

After several failed attempts Breed agrees, but explains that these systems often don't record failed logon attempts. "You can grind against this forever, and you wouldn't know. Again, it's just a matter of time," he says. And once inside, it's like "walking into the data center and physically sitting at the server."

By the end of the evening, the company's director is surprised at how far Breed was able to intrude into the network--and what could have happened, given more time. The IT manager is resolute, knowing the work that's ahead. "I thought I was going to be off this weekend," he says.

Breed explains that reaching the internal systems he did over the Internet was made possible by a router misconfiguration--the reason behind the flaw couldn't be determined--that enabled traffic from the Internet to flow into the internal systems of the company's network. "This dispels one of the popular security myths: that a company can focus only on securing its perimeter and remain secure."

Afterward
A few days after the assessment, the company's director says the first thing she did was change her password. "If someone was intent on cracking that password, they probably could have. It was the initials of my kids," she says. "I take password security seriously, and I'll use stronger passwords and change them more frequently from now on." She had most of the company's VPs do the same thing.

Password security isn't the only thing that will change. "We're a growing company, and it's clear we have to get better security policies in place," she says. "You may think something is set up one way, but without looking, you just don't know." Breed may have gotten closer to the company's main systems than he thought. "That one server he got into, that one is connected to our main server," the director says. "That's been changed." And the misconfigured router that allowed the unauthorized access? "That still remains a mystery. We don't know who made that change," she says. The company has since patched that opening.

Now, change controls and regular security assessments will be part of the company routine. Says the IT manager: "Thank God we did this."

About the Author(s)

George V. Hulme

George V. Hulme

Contributor

An award winning writer and journalist, for more than 20 years George Hulme has written about business, technology, and IT security topics. He currently freelances for a wide range of publications, and is security blogger at InformationWeek.com.

See more from George V. Hulme
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
SIGN-UP

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

NHL's Calgary Flames at New Jersey Devils on February 8, 2024 in Newark, NJ
IT Infrastructure
NHL, Presidio, and a Transformation Power Move with Hybrid CloudNHL, Presidio, and a Transformation Power Move with Hybrid Cloud
byJoao-Pierre S. Ruth
Apr 5, 2024
6 Min Read
Online Privacy Security Threat Abstract Background Art
Cyber Resilience
Cyber Risks When Job Hunters Become the HuntedCyber Risks When Job Hunters Become the Hunted
byCarrie Pallardy
Apr 9, 2024
9 Min Read
Business innovative solution and creative concept as a paper boat tied to a light bulb
IT Leadership
9 Ways to Ensure Continuous Innovation9 Ways to Ensure Continuous Innovation
byLisa Morgan
Apr 2, 2024
9 Slides
Hand charging an electric car, leaves and butterflies emerge from the cars exhaust, idea of sustainable transportation. Green energy, eco friendly
Sustainability
Sustainable Transportation Takes OffSustainable Transportation Takes Off
bySamuel Greengard
Mar 26, 2024
5 Min Read
Robotic hand takes a slice out of a coin, representing money
Machine Learning & AI
Special Report: What's Next for the GenAI Market in 2024?Special Report: What's Next for the GenAI Market in 2024
bySara Peters
Mar 12, 2024
3 Min Read
Webinars
More Webinars
White Papers
More White Papers
Live Events
More Live Events
Reports
More Reports
May 2, 2024
While there are plentiful options in cyber resiliency and business continuity tools and platforms, there isn’t one that can knock out everything from sudden cloud outages to prolonged ransomware attacks in a single punch. What can you do to keep the company on its feet no matter what is thrown at it? Find out in this new virtual event.
Reserve Your Seat Now