Practice has shown that most system administrators install hardware, operating systems, and application software using the default configurations. This significantly simplifies their work, but it simplifies the intruder's work as well. A skilled hacker who knows the default configurations and their vulnerabilities can exploit them to penetrate hosts on the corporate network. Security scanners can be configured to search for hosts where software is installed in its default configuration and to recommend the steps needed to eliminate the problems detected. Table 3.4 summarizes the number of vulnerabilities that Internet Scanner 6.1 detected in various default configurations of the Windows family of operating systems.

Default configuration | Number of vulnerabilities (high risk) | Number of vulnerabilities (average risk) | Number of vulnerabilities (low risk) |
---|---|---|---|
Windows NT 4.0 Server with SP1 and without IIS | 0 | 7 | 29 |
Windows NT 4.0 Server with SP6 and without IIS | 0 | 5 | 21 |
Windows 2000 Professional | 0 | 5 | 18 |
Windows 2000 Professional with SP2 | 0 | 5 | 18 |

Security Holes in an Urban Network

On January 25, 2001, Largo, Florida became the victim of a hacker attack. By exploiting security holes in the urban network, the intruders managed to block access to e-mail for all local authorities and municipal organizations. According to data reported by E-Commerce Times, an unknown Spanish company had illegally exploited the e-mail service by obtaining an address database and using it to send spam containing ads for a phone service in Europe. As a consequence, Largo's local authorities and citizens were unable to use e-mail for a week. During this time, several million spam messages were sent from the addresses contained in that database. As a result, many ISPs added the entire city to their lists of spammers and refused to forward mail received from addresses containing the "largo.com" string. According to Tim McCormick, an Internet Security Systems analyst, the theft of e-mail address databases from organizations and large companies has recently become very popular among spammers.