Time is money, and every single second a network is down cuts into the profits of any small business or company, and it hurts even a home network. If we want to prevent downtime from attacks, we have to find out how they happen.
Bear in mind this is beyond the scope of most folks searching for advice on personal home computers - but very interesting nonetheless.
The Holy Grail of Security Blunders
Hackers have a reputation for knowing just about everything concerning security and for having genius minds that can get past any security roadblock. Luckily, this reputation is generally not true. The most common unsecured entry points on a network are the fault of your very own network administrator.
First things first: unsecured passwords. When devices such as computers or routers are installed, they usually come with a default password. If this password isn’t changed, it is very easy for a hacker to guess what the password is. In some cases, hackers simply scan for devices that still have the default password enabled. Even the United States government has been at fault for not changing the default password - and has been the victim of much abuse.
Secondly, passwords that aren’t secure enough are just as bad as the default password. In a brute force attack, a computer program generates thousands of guesses, so weak passwords can be easily guessed. This means that using random letters, numbers, and uppercase characters is the only way to stay secure. In April of 2002, it was reported that a large number of banks, government agencies, and even NASA were vulnerable to this type of attack. Luckily, the attacker was the helpful kind - and made sure these vulnerabilities were taken care of.
Lastly, we have the most preventable type of exploit: the buffer overflow. A buffer overflow is the result of poor programming. Programmers can leave “holes” in programs that a hacker can find and exploit. The buffer overflow exploit works by feeding data into a program. While there are several variations of the exploit, hackers generally input malicious code into an otherwise harmless input field. This kind of exploit demands that network administrators pay attention to what programs are installed on the network, since well-known companies will not make poor programming mistakes such as this.
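The difference between an unchecked and a checked copy into the fixed-size buffer behind an input field, as an added example that is not from the original article. The login_form record, its field names and the 16-byte size are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_BUF_SIZE 16            /* fixed buffer behind the input field */

struct login_form {                 /* hypothetical form record */
    char name[NAME_BUF_SIZE];
    int  is_admin;                  /* lives right after the buffer in memory */
};

/* Vulnerable: strcpy copies until the terminating NUL and never looks at the
 * size of name[], so a longer input overwrites whatever follows the buffer. */
void set_name_unsafe(struct login_form *f, const char *input) {
    strcpy(f->name, input);
}

/* Hardened: measure the input against the buffer first and reject anything
 * that does not fit (including its NUL), leaving the record untouched. */
int set_name_checked(struct login_form *f, const char *input) {
    size_t len = 0;
    while (len < NAME_BUF_SIZE && input[len] != '\0')
        len++;
    if (len == NAME_BUF_SIZE)
        return -1;                  /* too long: refuse, do not truncate */
    memcpy(f->name, input, len + 1);
    return 0;
}

int main(void) {
    /* Constructed sample inputs: one normal, one far larger than the field. */
    const char *inputs[] = { "alice", "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" };
    struct login_form f = { "", 0 };

    for (int i = 0; i < 2; i++) {
        int rc = set_name_checked(&f, inputs[i]);
        printf("%zu-byte input: %s (is_admin=%d)\n", strlen(inputs[i]),
               rc == 0 ? "accepted" : "rejected", f.is_admin);
    }
    return 0;
}
```

The checked version rejects an over-long name outright instead of truncating it, so the caller can log the attempt and the adjacent field is never written.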
DoS and DDoS – The Most Common of Attacks
Denial of service, or DoS, is a way to bring down entire networks with relative ease. This doesn’t even involve an intrusion onto the network - in fact it is pretty basic and can be done by anyone. With a denial of service attack, a computer or group of computers sends data to another device constantly. This will essentially overload the computer with requests, and render it useless. This is a good way to bring down networks, websites, and generally wreak havoc. Microsoft itself has been a victim of crimes such as these, which proves that they can be very difficult to prevent.
In a distributed denial of service attack, or DDoS, many computers are used for the attack. This is commonly accomplished with Trojans and viruses to help get innocent computers in on the attack. The infected computers generally never show signs of being used for a DDoS attack to the common user, and thus are called “zombies”. Being attacked with a few thousand of these “zombie” computers can instantly bring down even the toughest of networks.
The worst part is anyone can do it. Your best bet in defending against one of these is to get specialized hardware, or invest in more resources to handle the load until you can track the attackers down.
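An added example (not part of the original article) of telling a single-source flood from a distributed one using request counts in one time window. The thresholds, the window structure and the simulated addresses are assumed values.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_SOURCES      4096
#define PER_SOURCE_LIMIT 100    /* assumed: requests per window from one address */
#define AGGREGATE_LIMIT  2000   /* assumed: requests per window from all addresses */

enum verdict { TRAFFIC_OK, FLOOD_SINGLE_SOURCE, FLOOD_DISTRIBUTED };
struct window {                 /* counters for one time window, e.g. one second */
    uint32_t src[MAX_SOURCES];
    uint32_t hits[MAX_SOURCES];
    size_t   nsrc;
    uint32_t total;
};

void window_record(struct window *w, uint32_t src_ip) {
    w->total++;
    for (size_t i = 0; i < w->nsrc; i++)
        if (w->src[i] == src_ip) { w->hits[i]++; return; }
    if (w->nsrc < MAX_SOURCES) {    /* table full: still counted in total */
        w->src[w->nsrc] = src_ip;
        w->hits[w->nsrc++] = 1;
    }
}

enum verdict window_classify(const struct window *w) {
    for (size_t i = 0; i < w->nsrc; i++)
        if (w->hits[i] > PER_SOURCE_LIMIT)
            return FLOOD_SINGLE_SOURCE;   /* one noisy host: block it */
    if (w->total > AGGREGATE_LIMIT)
        return FLOOD_DISTRIBUTED;         /* many quiet hosts: per-host rules miss it */
    return TRAFFIC_OK;
}

/* Constructed traffic: `sources` distinct addresses sending `each` requests. */
enum verdict simulate(uint32_t sources, uint32_t each) {
    static struct window w;
    memset(&w, 0, sizeof w);
    for (uint32_t s = 0; s < sources; s++)
        for (uint32_t n = 0; n < each; n++)
            window_record(&w, 0x0A000001u + s);
    return window_classify(&w);
}

int main(void) {
    printf("%d %d %d\n", simulate(50, 10), simulate(1, 500), simulate(3000, 1));
    return 0;
}
```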
The Man in the Middle
One of the more complex hacks is the man in the middle technique. This technique intercepts a connection between two computers and hijacks the connection. These are especially dangerous, since user sessions can be hijacked. Imagine you are using an online bank, and someone intercepts the connection with this technique. Your bank would think that the “man in the middle” is in fact you!
Thankfully, this technique is very rarely seen. It requires a lot of hard work, and is not easily accomplished. Likewise, protecting against it usually just means setting up good security around your network. Implementing encryption also ensures that the communication between the two computers can’t be hijacked and read at all - as we discussed in the previous section.
Wireless Introduces New Threats
With the advent of wireless technology come new security holes that take advantage of it. Most notable is eavesdropping. This technique allows anyone on the wireless connection to listen to other traffic on the connection. This is especially dangerous with applications that send passwords out over the connection - such as FTP applications. An unprotected wireless connection will be noticed by hackers, which makes patching up this hole very critical.
The best protection against this type of attack is to encrypt the wireless connection. Hiding the connection from public view is also an easy option that proves very useful, although skilled hackers know how to find hidden connections. But when it comes to encryption, even the best hacker will have trouble cracking the code for long without being noticed.
Listening to your own traffic is a good way to find holes before others do - and for that you’ll need a packet sniffer or protocol analyzer. Both of these tools will seek vulnerabilities out, but be very careful when using them. Any company with a system administrator will very likely take offense at anyone sniffing its network or scanning its ports for vulnerabilities. It isn’t uncommon to receive a phone call after such activities if you carry them out against the wrong company or network.
As we’ve found out from this section, hackers have a lot of techniques with which to bring network security down. There are still more techniques used today by hackers, but generally you will see these types of exploits the most.
For every tactic hackers employ, there is a solution. The best solution is of course to find the holes in your network and patch them up. We can do all of these things with the aid of some very helpful tools - and we will do just that in the next section.