-
Meet Hollywood Rainmaker Kevin Allyn - July 17, 2019
-
From Humble Beginnings to Great Success - February 21, 2019
-
Spotlight on Tolga Katas - February 15, 2019
-
Freedom Downtime – The Story of Legendary Hacker Kevin Mitnick - August 25, 2018
-
Steve Wozniak Corrects Inaccuracies About Jobs Movie - August 25, 2014
-
Kevin Mitnick Interview on Steven Colbert - August 25, 2014
-
Legendary Psychoanalyst Adam Phillips on Why the Capacity for Boredom Is Essential for a Full Life - July 19, 2014
-
The Psychology of Your Future Self and How Your Present Illusions Hinder Your Future Happiness - July 18, 2014
-
Media Mistake: Brian Mulligan on Bath Salts – A Story Mistold - June 20, 2014
-
Anna Deavere Smith on Discipline and How We Can Learn to Stop Letting Others Define Us - June 16, 2014
Network Security – The Real Vulnerabilities
You have done, what most people think, are the major steps towards a secure network. This is partially correct. What about the other factors?
Scenario: You work in a corporate environment in which you are, at least partially, responsible for network security. You have implemented a firewall, virus and spyware protection, and your computers are all up to date with patches and security fixes. You sit there and think about the lovely job you have done to make sure that you will not be hacked.
You have done, what most people think, are the major steps towards a secure network. This is partially correct. What about the other factors?
Have you thought about a social engineering attack? What about the users who use your network on a daily basis? Are you prepared in dealing with attacks by these people?
Believe it or not, the weakest link in your security plan is the people who use your network. For the most part, users are uneducated on the procedures to identify and neutralize a social engineering attack. What’s going to stop a user from finding a CD or DVD in the lunch room and taking it to their workstation and opening the files? This disk could contain a spreadsheet or word processor document that has a malicious macro embedded in it. The next thing you know, your network is compromised.
This problem exists particularly in an environment where a help desk staff reset passwords over the phone. There is nothing to stop a person intent on breaking into your network from calling the help desk, pretending to be an employee, and asking to have a password reset. Most organizations use a system to generate usernames, so it is not very difficult to figure them out.
Your organization should have strict policies in place to verify the identity of a user before a password reset can be done. One simple thing to do is to have the user go to the help desk in person. The other method, which works well if your offices are geographically far away, is to designate one contact in the office who can phone for a password reset. This way everyone who works on the help desk can recognize the voice of this person and know that he or she is who they say they are.
Why would an attacker go to your office or make a phone call to the help desk? Simple, it is usually the path of least resistance. There is no need to spend hours trying to break into an electronic system when the physical system is easier to exploit. The next time you see someone walk through the door behind you, and do not recognize them, stop and ask who they are and what they are there for. If you do this, and it happens to be someone who is not supposed to be there, most of the time he will get out as fast as possible. If the person is supposed to be there then he will most likely be able to produce the name of the person he is there to see.
I know you are saying that I am crazy, right? Well think of Kevin Mitnick. He is one of the most decorated hackers of all time. The US government thought he could whistle tones into a telephone and launch a nuclear attack. Most of his hacking was done through social engineering. Whether he did it through physical visits to offices or by making a phone call, he accomplished some of the greatest hacks to date. If you want to know more about him Google his name or read the two books he has written.
It’s beyond me why people try and dismiss these types of attacks. I guess some network engineers are just too proud of their network to admit that they could be breached so easily. Or is it the fact that people don’t feel they should be responsible for educating their employees? Most organizations don’t give their IT departments the jurisdiction to promote physical security. This is usually a problem for the building manager or facilities management. None the less, if you can educate your employees the slightest bit; you may be able to prevent a network breach from a physical or social engineering attack.
Dennis d’Entremont is the operator of SaveLoad Video Game Directory and Computers-Made-Easy.com
Author: Dennis DEntremont
Article Source: EzineArticles.com
Provided by: PCB Prototype & Manufacturing
6,651 Comments on this Post
güvenilir takipçi satın alma
thanks a lot
valorant win boost
Great post thank you. Hello Administ . legend of legends win boost legend of legends win boost
Bursa web tasarım
I really like the site you made. also your article is very well done and really informative. thank you for everything
bursa seo
I really like the site you made. also your article is very well done and really informative. thank you for everything
Steam Cüzdan Kodu
Yes.. Nice
hackdra
Hackdra has revolutionized the web3 with its Free cyber security trainings, ethical hacking courses and artificial intelligence courses.
takipçi satın al
thanks a lot
Anal Escort
Anal Escort
Alanya’da Escortlarla Görüşmek İster Misin
I really love to read such an excellent article. Helpful article. Hello Administ . Website: https://alanyaorjinalescort.com/
Leben
Haben Sie sich jemals unwohl gefühlt, wenn es um Mode, Schönheit, Einrichtung, Karriere oder irgendetwas anderes ging? Machen Sie sich keine Sorgen, das Internet ist für Sie da? Blogs diskutieren fast alle aktuellen Themen, die uns betreffen. Heutzutage helfen Ihnen Blogs dabei, die neuesten Trends wie Mode, Schönheit oder die neuesten Nachrichten auf dem Laufenden zu halten. Sehen Sie sich meine Liste der besten Blogs für Frauen an. Suchen Sie nach Inspiration für sich. https://kremi.org/Leben
marangoz ustası
quality and beautiful content
marangoz atölyesi
thanks for the content
国产线播放免费人成视频播放
Everything is very open and very clear explanation of issues. was truly information. 国产线播放免费人成视频播放
Manken Güzelliğindeki Escortlar
Thank you for great article. Hello Administ .Website: https://alanyaorjinalescort.com/
Bursa Sosyal medya yönetimi
herşey için teşekkür ederim gerçekten çok güzel bir site translate kullanarak çevirip okudum ve çok hoşuma gitti
国产线播放免费人成视频播放
Great post thank you. Hello Administ . 国产线播放免费人成视频播放
antalya promosyon kalem
thank you
国产线播放免费人成视频播放
Hello! I could have sworn I’ve been to this blog before but after browsing through some of the post I realized it’s new to me.国产线播放免费人成视频播放
güvenilir takipçi satın alma
thanks a lot
faceit win boost
Hello! I could have sworn I’ve been to this blog before but after browsing through some of the post I realized it’s new to me. elo boost elo boost
esea boost
Thank you for great information. Hello Administ . legend of legends boost legend of legends boost
Dropshipping Facebook reklamları
http://www.lisinya.com adlı sitemizi incelediniz mi? Bu konuda daha kapsamlı bilgi edinmek isteyenler için harika bir kaynak! Mutlaka ziyaret edin.
legend of legends elo boost
Thank you great post. Hello Administ . csgo ranks boost service csgo rank boost service
Bursa Sosyal medya yönetimi
muazzam bir yazı olmuş çok harika çok güzel teşekkür ederim
google işletme profili
Daha fazla bilgi için ziyaret edin: https://www.caglarbodrumlu.com
seo fiyatları
antalya web tasarım
dijital ajans
Türkiye’nin en iyi dijital ajans hemen inceleyin.
seo ajansı
Türkiyenin bir numaralı seo ajansı
https://calisma-saatleri.inoved.org/
Sustainable Fashion: Embrace ethical and sustainable fashion choices. Discover eco-friendly brands, fashion-forward tips, and the transformative power of conscious consumerism.
https://bilgisi.xyz/category/blog/
Outdoor Escapes: Connect with nature and embark on thrilling outdoor adventures. From hiking trails to camping tips, explore the beauty and serenity of the great outdoors.
ereksiyon hapı
The articles are great, they’re among the best I’ve ever read. Thanks for visiting again.
vozol 5000
Bu site bir mükemmel dostum.
implant tedavisi bursa
Estetik, günümüzde hayatımızın -ister bedenimiz, ister ofisimiz ya da evimiz olsun- her alanına yayılan önemli bir kavram haline gelmiştir. bursa gülüş tasarımı
ereksiyon hapı
thanks your makales book again me you love meee on the back ereksiyon
kaldırıcı hap
The articles are great, they’re among the best I’ve ever read. Thanks for visiting again.
dnm.watch
dnm watch
google ads görüntülü reklam
https://www.caglarbodrumlu.com
bursa escort
ilgi alaka için teşekkür ederiz. mutlaka sizi de kendi web sitemiz olan mudanya escort ziyaret etmenizi bekleriz. yorumlarınız bizim içinde değerlidir. burada çalışan emeği geçen herkesin ellerine sağlık. kendi durumuzu anlamanızı rica ediyorum. tüm ziyaretcileri bekliyoruz.
dnm watch
dnm watch
nazilli escort
nazilli escort
dnm.watch
dnm.watch
kuşadasi escort
kuşadasi escort
porno
Merhaba, iyi yayın
eski tarihli instagram hesap
Eski tarihli Instagram hesapları, genellikle platformun ilk yaygınlaşmaya başladığı dönemlerde açılan hesaplardır.
porno izle
Thanks, nice article. Please my website for my support.
telegram grup satın al
telegram gerçek üye satın al
Avatar: Way of the Water izle
avatar suyun yolu izle avatar izle
кобура игра
Cabura зарабатывай играя – радуйся каждому Кабура , Официальный сайт
meme büyütme ameliyatı
Meme büyütme operasyonu, memelerini küçük bulan kadınların kurtarıcısı haline gelen estetik bir cerrahi operasyondur. meme büyütme ameliyatı ankara
Kadıköy Marangoz
thanks again makales e book me you thanks bro ha bewat