Preview

Improving the Security of Your Site by Breaking Into It

Powerful Essays
Open Document
Open Document
1185 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Improving the Security of Your Site by Breaking Into It
IntroductionIn order to utilize the most effective tools for breaking into their own site, IT administrators must fully review and evaluate the sites issues of vulnerability. This requires gathering as much information as possible about the site as if you where an intruder. For this to be successful, an IT administrator must now consider his or her site to be the target host. Here the administrators have at their disposal such services as finger, showmount and rpcinfo to initially aid in this effort. In addition, using some of the many other available security tools such as the remote probing SATAN (Security Analysis Tool for Auditing Networks) will give the administrator factual details on the sites various bugs and inherent weaknesses.

The article "Improving the Security of Your Site by Breaking Into it" allows IT administrators to look at their own network security through the eyes of an intruder. By utilizing the same tools as potential intruders, not only can administrators identify potential security holes in their existing network, but they can also raise the level of awareness and preparedness when it comes to intrusions. Quite often, IT administrators approach to network or host security is reactive instead of proactive. The article discusses techniques that can provide access to a remote intruder to a target host on your network.

Finger is a UNIX command that serves as a user information lookup. Performing a finger of a remote host provides information such as usernames, their associated real names, idle time, and IP addresses of users logged onto the target host at the time (whatis.com, 2007).

ShowmountThe UNIX command showmount is designed to query a remote host to display NFS shares that are present on the host. If no parameters are supplied with the command, showmount will display a list of clients who are mounting from that host.

mountThe mount command in a UNIX environment serves to attach directories or discs logically. By using the mount



References: hatis.com (2007). Retrieved on June 27, 2007 from http://www.whatis.comUNIX MAN pages (July 2001). Retrieved on June 27, 2007 from www.lehman.cuny.edu/cgi-bin/man-cgi?

You May Also Find These Documents Helpful

  • Powerful Essays

    Main Security Concerns: As a rapidly growing business that primarily utilizes IT resources for intranet company communications between and among a single home office and three satellite offices; internal network access controls and remote employee user’s access controls seem to be of primary importance. Priority number one should be hardening and the safeguarding of access and data integrity of the Oracle database servers housed as the main office in Reston, VA. And separately at the San Diego satellite office A comprehensive security policy will be developed and approved by management that will detail the specific guidelines administrators must follow when allowed admin access to company IT resources and services, and when and how those permissions should be denied or allowed. Additionally, auditing and logging of critical events should be implemented utilizing a reliable SEIM (Security Information and Event Management) system. Moreover, control of user access from remote sites via the company intranet via VPN’s and remote access via RADIUS should be strengthened and monitored for both qualitative and quantitate analysis and measuring. Cryptographic techniques will be enhanced and login and password requirements will be strengthened. Of significant importance is the company web presence and corporate access to its knowledge base portal within the company intranet. The company web presence is of vital importance to allow customers to access information concerning the company’s products and services. The knowledge portal is vital for company employees to have access to propriety information while protecting their confidentiality, integrity, and availability of the data. We will separate and hardened both the web server and the knowledge portal via…

    • 2606 Words
    • 11 Pages
    Powerful Essays
  • Satisfactory Essays

    The explosive growth and popularity of the Internet have resulted in thousands of structured query able information sources. Most organizations are familiar with Penetration Testing and other ethical hacking techniques as a means to understanding the current security status of their information system assets. Consequently, much of the focus of research, discussion, and practice, has traditionally been placed upon active probing and exploitation of security vulnerabilities. Since this type of active probing involves interacting with the target, it is often easily identifiable with the analysis of firewall and intrusion detection/prevention device (IDS or IPS) log files.…

    • 501 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    Oriyano, S.-P., & Gregg, M. (2011). Hacking Techniques, Tools, and Incident Handeling . Burlington: Jones & Bartelle Learning .…

    • 1902 Words
    • 8 Pages
    Better Essays
  • Powerful Essays

    Riordan Security Issues

    • 1371 Words
    • 6 Pages

    Palmer, M. (2003). Guide to Operating Systems Security. [University of Phoenix Custom Edition e-Text]. , : Course Technology. Retrieved September 21, 2009, from University of Phoenix, CMGT440.…

    • 1371 Words
    • 6 Pages
    Powerful Essays
  • Better Essays

    Nt2580 Final Project

    • 1848 Words
    • 6 Pages

    Based on the premises that Richman has 5000 employees throughout the main office and several branch offices, this document dictates research solutions and details the appropriate access controls including policies, standards, and procedures that define who users are, what they can do, which resources they can access, and which operations they can perform on a system.…

    • 1848 Words
    • 6 Pages
    Better Essays
  • Satisfactory Essays

    1. Discuss common forms of attack on Microsoft systems using the text Internet, and/or your job as reference for full credit.…

    • 488 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    operations in organisations and business environments. Security threats on the remote machines can always be averted easily and their impacts are not as serious compared to threats on the central computer system (Kaufman et al, 2002).The central computer system is a valuable resource that must be secured to ensure continued operation in the organisation. Securing a central computer network is the key to ensuring network security in any institution (Kaeo, 1999).…

    • 349 Words
    • 2 Pages
    Good Essays
  • Good Essays

    final exam

    • 1020 Words
    • 5 Pages

    12. TCO (3) In the General tab of the Local Disk Properties dialog box, the ____ field displays the amount of used…

    • 1020 Words
    • 5 Pages
    Good Essays
  • Satisfactory Essays

    File Processing Commands

    • 354 Words
    • 2 Pages

    What command would you use to display the amount of available disk space on /dev/db1 in a human readable form?…

    • 354 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    Defense against web attacks is a key element in a security professional’s skill set. For this assignment, your manager has asked you to review the Aim Higher College’s Web server and application security and to suggest appropriate defenses. For each of the following scenarios, explain what the threat or threats are, what defenses you would recommend, and why.…

    • 1988 Words
    • 8 Pages
    Better Essays
  • Good Essays

    A computer security career is a highly diverse and important position, where you could work anywhere from a College Campus to a Hospital Administration building, all the way up to the Government Agencies all over the world. With so many new businesses’ opening daily, worldwide, the job market will be forever expanding. Whenever a business’s computer system acts up it’s the job of their computer security specialist to carefully take all the required steps to identify and resolve the specific issue, combining many people into one, saving the company lots of money. These specialists have and exceptional and advanced overall knowledge of all things computer.…

    • 525 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    Assignment 4

    • 425 Words
    • 2 Pages

    c. What /etc/exports entry would export a directory named /nfs to all clients on the subnet 192.168.10.0 and give them read-only access?…

    • 425 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    IS 4560 Week 1

    • 309 Words
    • 2 Pages

    Web-based attacks – the increasing pervasiveness of Web browser applications along with increasingly common, easily exploited Web browser application security vulnerabilities has resulted in the widespread growth of Web-based threats. Attackers wanting to take advantage of client-side vulnerabilities no longer need to actively compromise specific networks to gain access to those computers. Instead, they can focus on attacking and compromising websites to mount additional, client-side attacks.…

    • 309 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    04 ctl model checking

    • 8098 Words
    • 116 Pages

    [Clarke, Grunberg & Peled, “Model Checking”, MIT Press], and their copyright is detained by the authors. All the other…

    • 8098 Words
    • 116 Pages
    Powerful Essays
  • Good Essays

    Jm Pwd File

    • 506 Words
    • 3 Pages

    1. mkdir: The mkdir command will allow you to create directories. Example: "mkdir music" will create a directory called "music".…

    • 506 Words
    • 3 Pages
    Good Essays

Related Topics