-
Meet Hollywood Rainmaker Kevin Allyn - July 17, 2019
-
From Humble Beginnings to Great Success - February 21, 2019
-
Spotlight on Tolga Katas - February 15, 2019
-
Freedom Downtime – The Story of Legendary Hacker Kevin Mitnick - August 25, 2018
-
Steve Wozniak Corrects Inaccuracies About Jobs Movie - August 25, 2014
-
Kevin Mitnick Interview on Steven Colbert - August 25, 2014
-
Legendary Psychoanalyst Adam Phillips on Why the Capacity for Boredom Is Essential for a Full Life - July 19, 2014
-
The Psychology of Your Future Self and How Your Present Illusions Hinder Your Future Happiness - July 18, 2014
-
Media Mistake: Brian Mulligan on Bath Salts – A Story Mistold - June 20, 2014
-
Anna Deavere Smith on Discipline and How We Can Learn to Stop Letting Others Define Us - June 16, 2014
Network Security – The Real Vulnerabilities
You have done, what most people think, are the major steps towards a secure network. This is partially correct. What about the other factors?
Scenario: You work in a corporate environment in which you are, at least partially, responsible for network security. You have implemented a firewall, virus and spyware protection, and your computers are all up to date with patches and security fixes. You sit there and think about the lovely job you have done to make sure that you will not be hacked.
You have done, what most people think, are the major steps towards a secure network. This is partially correct. What about the other factors?
Have you thought about a social engineering attack? What about the users who use your network on a daily basis? Are you prepared in dealing with attacks by these people?
Believe it or not, the weakest link in your security plan is the people who use your network. For the most part, users are uneducated on the procedures to identify and neutralize a social engineering attack. What’s going to stop a user from finding a CD or DVD in the lunch room and taking it to their workstation and opening the files? This disk could contain a spreadsheet or word processor document that has a malicious macro embedded in it. The next thing you know, your network is compromised.
This problem exists particularly in an environment where a help desk staff reset passwords over the phone. There is nothing to stop a person intent on breaking into your network from calling the help desk, pretending to be an employee, and asking to have a password reset. Most organizations use a system to generate usernames, so it is not very difficult to figure them out.
Your organization should have strict policies in place to verify the identity of a user before a password reset can be done. One simple thing to do is to have the user go to the help desk in person. The other method, which works well if your offices are geographically far away, is to designate one contact in the office who can phone for a password reset. This way everyone who works on the help desk can recognize the voice of this person and know that he or she is who they say they are.
Why would an attacker go to your office or make a phone call to the help desk? Simple, it is usually the path of least resistance. There is no need to spend hours trying to break into an electronic system when the physical system is easier to exploit. The next time you see someone walk through the door behind you, and do not recognize them, stop and ask who they are and what they are there for. If you do this, and it happens to be someone who is not supposed to be there, most of the time he will get out as fast as possible. If the person is supposed to be there then he will most likely be able to produce the name of the person he is there to see.
I know you are saying that I am crazy, right? Well think of Kevin Mitnick. He is one of the most decorated hackers of all time. The US government thought he could whistle tones into a telephone and launch a nuclear attack. Most of his hacking was done through social engineering. Whether he did it through physical visits to offices or by making a phone call, he accomplished some of the greatest hacks to date. If you want to know more about him Google his name or read the two books he has written.
It’s beyond me why people try and dismiss these types of attacks. I guess some network engineers are just too proud of their network to admit that they could be breached so easily. Or is it the fact that people don’t feel they should be responsible for educating their employees? Most organizations don’t give their IT departments the jurisdiction to promote physical security. This is usually a problem for the building manager or facilities management. None the less, if you can educate your employees the slightest bit; you may be able to prevent a network breach from a physical or social engineering attack.
Dennis d’Entremont is the operator of SaveLoad Video Game Directory and Computers-Made-Easy.com
Author: Dennis DEntremont
Article Source: EzineArticles.com
Provided by: PCB Prototype & Manufacturing
6,675 Comments on this Post
mavişehir escort
izmir vip escort kızlar
web
very nicee
Saç Dökülmesi Tedavisi
Thanks for sharin sir. i read your article and thats great. Thanks again.
Article
Thanks for watching
Sedasyonlu Saç Ekimi
Thanks for sharing sir. Your blog its awesome Thanks.
cabin air spring
Visit our website for details.https://www.torqueusa.com/
Garantili Saç Ekimi
Thanks for sharing sir. Your article its great. i read your document and great.
ikinci el laptop alan yerler
izmir laptop alan yerler
Article
Thanss very nice blog
sisli Escort
sisli Escort ilan ve tanitim vebsitemzin yayini tum hizi ile devam etmektedir
taker мечту
TAKER – подними на свою мечту!
izmir bilgisayar alan yerler
izmir laptop alan yerler
iç mimar
very good
backlink listesi
Hello, you have a very nice website. I wanted to comment.
Google
I noticed this blog recently, it’s great
Alaca Çiçekçi
Alaca çicekçilik konusunda profesyonel destek hizmetleri için hoşgeldiniz.
Canli Bahis Oyna
Bahis Siteleri
batıkent diş
Estetik gülüş tasarımında dikkat edilmesi gereken en önemli unsur hastanın beklentisinin doğru bir şekilde hekime aktarılmasıdır. yenimahalle diş
gutefehler.net
super blog von erwachsene -Problem lösungen
maç izle
çok kaliteli bir içerik olmuş gerçekten tebrik ederim.
druckerfehler.com
Alle fehlercode blog mit drucker fehlermeldungen lösungen.
ausm2kind
kids and adults for coloring blog, thank you.
Saç Ekimi Nasıl Yapılır
Hello sir, Thanks for sharing, your article looking good. Thanks again.
esenler escort bayan
Resources like the one you mentioned here will be very useful to me! I will post a link to this page on my blog. I am sure my visitors will find that very useful.
Rhinoplasty in Turkey
Thank you sir. Yourt article its great. i like to read.
fehlercode
drucker fehlercode liste von deutschland mit fehlerblog.
Web
Very nice article
Nosejob Istanbul
Thanks for sharing sir. Your blog its great. Thanks for sharing.
Calendula (Aynısefa) Yüz Temizleme Tonik
Doğal Kozmetik Kategorisi, güzellik ve bakım için doğadan gelen en özel içerikleri bir araya getiriyor. Bu özel kategoride, doğal kozmetik ürünleri ve doğal kozmetik türevleri bulunmaktadır. Doğal Kategorisi’ndeki ürünler, güzellik rutininizde doğal ve saf bir seçenek arayanlar için ideal tercihlerdir.
Zeytinyağı Sabunu
Çakırhan Zeytinyağı, özel formüllerle hazırladığı Zeytinyağlı Sabun Çeşitleri ile cildinizi doğadan gelen saflıkla buluşturuyor. Bu kategoride, lavanta, biberiye, kepeksiz, gül suyu özlü, karbonatlı, siyah ceviz kabuğu, propolisli ve arı sütü gibi benzersiz zeytinyağlı sabunlar yer alır.
instagram takipçi satın al
sizlerde hesaplarınızı bizimle birlikte büyütün en ucuz ve garantili servisler
Gemlik Kuru Sele Tuzsuz Siyah Zeytin
Zeytinlerimizin hepsi özenle seçilip el işçiliğiyle işleniyor. Geleneksel yöntemlerle ürettiğimiz zeytinlerimiz, tuzsuz, az tuzlu, kekik ve kişniş çeşnili gibi farklı lezzet seçenekleri sunuyor. Ayrıca doğal kalmışlık ve tazeliğini koruyan zeytin yağlarımız da vücudunuzun ve cildinizin ihtiyaçlarını karşılıyor.
Edremit Yeşil Zeytin
Zeytinlerimizin hepsi özenle seçilip el işçiliğiyle işleniyor. Geleneksel yöntemlerle ürettiğimiz zeytinlerimiz, tuzsuz, az tuzlu, kekik ve kişniş çeşnili gibi farklı lezzet seçenekleri sunuyor. Ayrıca doğal kalmışlık ve tazeliğini koruyan zeytin yağlarımız da vücudunuzun ve cildinizin ihtiyaçlarını karşılıyor.
canlı basket izle
Yazınız çok ilginç ve dikkat çekici. Konuyu farklı bir bakış açısıyla ele almışsınız ve okuyucularınızı şaşırtmayı başarmışsınız. Sizinle aynı veya farklı görüşte olanlar için de tartışmaya açık bir alan yaratmışsınız. Yorumumu onaylayarak bu tartışmaya katkıda bulunmak isterim.
Dağ İnciri
Kahvaltı Kategorisi, sağlıklı ve lezzetli bir kahvaltı için doğadan gelen özenle seçilmiş ürünleri bir araya getiriyor.
Body Shaping
Thanks for sharing sir. Your article its great. Thanks again sir.
begeni satin al
beğeni satın almak için sitemizi ziyaret edin
Fortune Wheel Sites
The Best 10 CS:GO Gambling Sites in 2023 – Free Bonus
Breast Augmentation
Your article its great sir. Thanks for sharing. Thank you.
zeytinyağı
Zeytinyağı, sağlığımız için vazgeçilmez öneme sahiptir. Zengin besin değerleri ve yüksek antioksidan içeriğiyle bilinen zeytinyağı, yemeklerinize ve salatalarınıza lezzet katar. Zeytinyağı Çeşitlerimiz Kategorisi’ndeki ürünler, özenle seçilen zeytinlerin en doğal ve taze haliyle sizlerle buluşuyor.
Saç Ekimim
Thank you sir, your blog its great. Thanks for sharing.
e ticaret fikirleri
Güvenilir hizmet mutlu müşteriler ile hizmetlerinize eşlik ediyoruz.
bursa reklam ajansı
Güvenilir hizmet mutlu müşteriler ile hizmetlerinize eşlik ediyoruz.
ideasoft
E ticaret paketlerinin özelliklerini ve fiyatlarını karşılaştırın. İşiniz için en uygun olan paket ile e-ticarete adım atın.
varyantlı ürün takip yazılımı
E ticaret paketlerinin özelliklerini ve fiyatlarını karşılaştırın. İşiniz için en uygun olan paket ile e-ticarete adım atın.
zeytinli köyü
Çakırhan dünyasına hoşgeldiniz.
Ümitköy dershaneler
Her bir öğrencinin danışman öğretmeni öğrenciye özel ders programı oluşturarak takibini yapar.
Edremit en iyi zeytinyağı
Çakırhan dünyasına hoşgeldiniz.
Hour Boosting
The Best 10 CS:GO Gambling Sites in 2023 – Free Bonus
kripto para
Hello, you have a very nice website. I wanted to comment.