
Threat hierarchy: experimental hacking

Written by Richard Stiennon, Contributor

There are five levels of threats. In the next few days I will walk through each of the levels, starting with the lowest level: experimental hacking. (I will be in Reykjavik for most of next week, where I assume I will have no trouble getting online, but you never know.)

Experimental hacking has been with us since the first days of computers and networks. Can you remember using gopher or Archie to "surf the net"? If you found a US Air Force server in Antarctica, you tried to log in regardless of what the warning page said. Some other examples of experimental hacking include:

- URL editing. Ever see something like "SID=01459" in the URL window of your browser when you were logged in to a site? Just change that session ID to a lower number and you are logged in as another user! A malicious experimenter would then browse to the "preferences" page and change that person's password. This is called session hijacking.

- Network neighborhood browsing. Thank you Microsoft for making the internal network so visible! Thought experiment: put a server on your corporate network called "Payroll". Put a document in an open file share called "salaries.doc". How long will it be before everyone in the organization is aware of the contents of that document?

- Password guessing. This is so easy. In way too many instances users choose the word "password" as their password. Try it next time you get a 419-type scam from a Yahoo email address. Log into the sender's Yahoo account. Do your vigilante duty and change their password to Jn&756c/?>.

Even though experimental hacking is the lowest level in the threat hierarchy, that does not imply that you do not have to guard against it. You have to design your applications and networks to prevent any possibility of someone using tried-and-true techniques to get in. Are you still using telnet and anonymous ftp? Is your firewall set to allow all higher-level ports? Do you use sequential session IDs? Fix those, and meanwhile you can start worrying about the next threat: vandalism.
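To make the "sequential session IDs" point concrete, here is an added example (my own illustration, not code from this post or from any real site) that puts the weak counter-based session store next to a hardened one using a CSPRNG, plus a small audit check a defender can run over a sample of issued IDs to spot the sequential pattern. The SID value 01459 is the one quoted above; the store classes and the `looks_sequential` helper are hypothetical names chosen for the example.

```python
import itertools
import secrets


class SequentialSessionStore:
    """The weak design: the SID is a zero-padded counter, so any logged-in
    user can reach a neighbour's session simply by decrementing the number."""

    def __init__(self, start=1459):  # starting value taken from the post's SID=01459
        self._counter = itertools.count(start)
        self._sessions = {}

    def create(self, username):
        sid = f"{next(self._counter):05d}"
        self._sessions[sid] = username
        return sid

    def lookup(self, sid):
        return self._sessions.get(sid)


class RandomSessionStore:
    """The fix: 128 bits from the OS CSPRNG per session, so a SID cannot be
    derived from any other SID and cannot be enumerated in practice."""

    def __init__(self):
        self._sessions = {}

    def create(self, username):
        sid = secrets.token_urlsafe(16)  # 16 random bytes, URL-safe base64
        self._sessions[sid] = username
        return sid

    def lookup(self, sid):
        return self._sessions.get(sid)


def looks_sequential(sids, max_step=10):
    """Audit check for a defender: given SIDs in issue order, report True when
    every one parses as an integer and consecutive IDs differ by one small,
    constant step. Random IDs fail the integer parse and return False."""
    try:
        values = [int(s) for s in sids]
    except ValueError:
        return False
    steps = {b - a for a, b in zip(values, values[1:])}
    return len(steps) == 1 and 0 < steps.pop() <= max_step
```

Run `looks_sequential` over a few hundred freshly issued IDs from your own application; a True result is the "fix those" item from the paragraph above.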
