Common Exploits And Attacks - Red Hat ENTERPRISE LINUX 4 - SECURITY GUIDE Manual


Appendix B. Common Exploits and Attacks

Table B.1, "Common Exploits" details some of the most common exploits and entry points used by intruders to access organizational network resources. Key to these common exploits are the explanations of how they are performed and how administrators can properly safeguard their network against such attacks.

| Exploit | Description | Notes |
| --- | --- | --- |
| Null or Default Passwords | Leaving administrative passwords blank or using a default password set by the product vendor. This is most common in hardware such as routers and firewalls, though some services that run on Linux can contain default administrator passwords (though Red Hat Enterprise Linux does not ship with them). | Commonly associated with networking hardware such as routers, firewalls, VPNs, and network attached storage (NAS) appliances. Common in many legacy operating systems, especially OSes that bundle services (such as UNIX and Windows). Administrators sometimes create privileged user accounts in a rush and leave the password null, a perfect entry point for malicious users who discover the account. |
| Default Shared Keys | Secure services sometimes package default security keys for development or evaluation testing purposes. If these keys are left unchanged and are placed in a production environment on the Internet, all users with the same default keys have access to that shared-key resource, and any sensitive information contained in it. | Most common in wireless access points and preconfigured secure server appliances. CIPE (refer to Chapter 6, Virtual Private Networks) contains a sample static key that must be changed before deployment in a production environment. |
| IP Spoofing | A remote machine acts as a node on your local network, finds vulnerabilities with your servers, and installs a backdoor program or trojan horse to gain control over your network resources. | Spoofing is quite difficult as it involves the attacker predicting TCP/IP SYN-ACK numbers to coordinate a connection to target systems, but several tools are available to assist crackers in performing such an attack. Depends on target system running services (such as rsh, telnet, FTP and others) that use source-based authentication techniques, which are not recommended when compared to PKI or other forms of encrypted authentication used in ssh or SSL/TLS. |
| Eavesdropping | Collecting data that passes between two active nodes on a network by | This type of attack works mostly with plain text transmission protocols such as Telnet, FTP, and HTTP transfers. |
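
One way to check a host for the null-password accounts described in the "Null or Default Passwords" row, as an added example that is not part of the Red Hat guide. The function names, the PRIVILEGED/USER labels and the sample account data are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the Red Hat guide): report accounts whose shadow
# password field is empty, i.e. accounts that need no password to log in.

# audit_null_passwords PASSWD_FILE SHADOW_FILE
# Prints "PRIVILEGED <name>" for UID 0 accounts and "USER <name>" otherwise.
# Locked entries ("*", "!", "!!") have a non-empty field and are not reported.
audit_null_passwords() {
    awk -F: '
        # passwd-format input: remember the UID of every account.
        kind == "passwd" { uid[$1] = $3; next }
        # shadow-format input: skip comments and malformed lines.
        /^#/ || NF < 2 { next }
        # An empty second field means a null password.
        $2 == "" {
            level = (($1 in uid) && uid[$1] == "0") ? "PRIVILEGED" : "USER"
            print level, $1
        }
    ' kind=passwd "$1" kind=shadow "$2"
}

# write_sample DIR: create constructed passwd/shadow files for the demo.
write_sample() {
cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
toor:x:0:0:emergency admin:/root:/bin/bash
backup:x:501:501::/home/backup:/bin/bash
alice:x:500:500::/home/alice:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
EOF
cat > "$1/shadow" <<'EOF'
root:$1$constructed$NOTAREALHASHVALUE:12800:0:99999:7:::
toor::12800:0:99999:7:::
backup::12800:0:99999:7:::
alice:!!:12800:0:99999:7:::
daemon:*:12800:0:99999:7:::
EOF
}

# Demo on the constructed data. On a real host, run as root:
#   audit_null_passwords /etc/passwd /etc/shadow
demo_dir=$(mktemp -d)
write_sample "$demo_dir"
audit_null_passwords "$demo_dir/passwd" "$demo_dir/shadow"
rm -rf "$demo_dir"
```

Any PRIVILEGED line is a UID 0 account that can be entered without a password and should be locked or given a password immediately.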
