Beginning of Section Previous Page

Network Security

 Next Page Next Section
Line - Rainbow

NT Untrustworthy

Microsoft NT continues to be plagued with instances of security problems. In most cases these are dependent upon obscure and rare circumstances. However, the efficiency with which criminal hackers are finding them must be cause for concern.

Web Server

The MS IIS allowed access to source of active pages and allowing access to files with long names. This meant that information such as access codes, account names and passwords required for the server to do its job could be seen by people downloading the server files.

Denial of Service

Denial of Service (DoS) is an insidious form of attack. It can be performed purely externally and requires no more information than the fact that your system is connected to a network accessible to the attacker. A typical DoS attack will be to send a stream of requests to a system without waiting for replies. In most cases replies will be ignored anyway. The continuous stream of requests gets in the way of legitimate users either slowing their access or consuming all available resources so that they are turned away. In extreme cases the host or server may fail.

The TCP/IP stack in Windows 95 and NT can be destabilised by sending sets of malformed packets to it. There are well-known programs available on the Internet to perform this attack. Update on Network Denial of Service Attacks at: http://www.microsoft.com/security/netdos.htm

Rescue Disk "Droppings"

The Windows NT Rescue Disk creation program creates a backup copy of the SAM file and places it in a public area.

Microsoft Security Information

Microsoft has provided patches and work-arounds that address all the known security shortcomings. These are available at Microsoft’s web site at:- http://www.microsoft.com/security/


Black Hat Briefings

The hacking tools were revealed at the recent Black Hat Briefings conference held in Las Vegas. Click on the link below for the full story http://www2.idg.com.au/arndb.NSF/Current/NT00008252

Line - Rainbow
Beginning of Section Previous Page Home Page Section Beginning Table of Contents Send Email Next Page Next Section
NBS Internet Marketing Web Author: Geoff May. Last Update: 09/09/98
Copyright © 1998 by Network Business Services Pty Ltd.
All Rights Reserved.