Network Infrastructure
2.5 Network Device Vulnerabilities
Network devices of all types are vulnerable to many different security risks and threats. This is why hardening is important, so that the chance of a threat actually becoming a malicious reality is extremely low. Switches, firewalls, routers and anything else connected to a network are all vulnerable to some sort of attack. For this section, keep these attacks in mind and correlate the risk that they carry.
· Privilege escalation – Privilege escalation is when a user is able to obtain higher permissions than those given by the system administrator. This can happen accidentally when an administrator assigns the wrong privileges, but in most cases, privilege escalation occurs when a user is trying to steal access. Many times a rogue user will find a flaw within the computer’s programming to use an exploit to gain administrative rights to a computer. Others will use keystroke loggers to gain access. This is why operating systems on every piece of hardware need to be patched and updated as necessary.
· Weak passwords – Weak passwords on any level, from guest accounts all the way up to administrative accounts are a huge security risk. Any computer or any other piece of hardware with weak passwords is susceptible to password guessing, password crackers, and other threats.
· Back doors – Hackers and crackers will often find and exploit backdoors that developers did not fix when programming. Back doors also include RAT tools that are placed by hackers to gain full control of your computer.
· Default accounts – Default accounts are extreme vulnerabilities because most computer users know that they exist. When a hacker is looking to gain access to your information, he/she can opt to crack the password to the default account and in no time will have access to your files. Many times computer users forget to change the default passwords on these accounts which makes them even more vulnerable.
· DOS – Denial of service attacks are common and can be used at anytime against any type of network or computer that lacks the proper security.
GetCertify4Less and GetCertified4Less
No comments:
Post a Comment