Monday, September 30, 2013
Mistakes in network security are very common, and the same ones are repeated again and again. These problems cannot be solved without changing our working methods. In this article we discuss some common security problems that networks face.
Using weak and non-complex passwords for accessing the network:
- Brute forcing is an old-school exploit to which many system and network administrators remain open.
- The well-known CAPTCHA technology has been implemented to address this weakness of network passwords.
- In a common CAPTCHA, the user is required to type in the digits or letters that are displayed on the screen in a distorted image.
- This technology is designed to prevent unwanted internet bots from accessing the network.
- However, this is not as safe as it looks.
- It just gives network admins a false sense of having countered brute forcing.
- A complex password is the solution to this problem.
- To create a complex password, more than seven characters need to be combined with special characters and numbers.
- Apart from creating complex passwords, a password expiration system has to be implemented.
- This system reminds users to change their passwords.
- Also, care should be taken regarding the reuse of passwords.
- Cycling of passwords should not be allowed.
Using server applications or software that are outdated:
- Companies release patches from time to time to ensure that the system does not become vulnerable to the various threats.
- Also, hackers pose new exploits and threats that can harm the network if the patches are not properly applied.
- To ensure the network administrator is kept informed of new threats, the software or applications have to be updated regularly.
Web cookies:
- Even though viruses and malware cannot be introduced into the network through cookies, cookies can be tracked by third-party cookies to compile records of individuals' browsing histories.
- Cookies that are not encrypted pose a major threat because they make the system vulnerable to cross-site scripting (XSS) attacks, thus putting your privacy at risk.
- Open cookies can provide access to cookies holding log-in data, which hackers can use to intrude into your systems.
- The solution to this problem is to use encrypted cookies along with an encoded expiration time.
- The admins might ask users to log in again before accessing important network directories.
Plain hashes:
- Hashing is a technique used for indexing and retrieval purposes in a database.
- Plain hashes are used in most encryption algorithms.
- A salt is a type of encryption that can be added to the hashes to make creating a look-up table, which would assist brute-force or dictionary attacks, extremely difficult or, let’s say, almost impractical.
- But this works only when a large salt is used.
- Usually, a pre-computed look-up table then cannot be used by the attacker to exploit the network.
- This makes the network security system even more complex.
- So even if the attacker is able to break into your system, he won’t be able to access the information from the database.
- The encryption key should be kept hidden.
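The difference between plain and salted hashes against a pre-computed look-up table, as an added example that is not part of the original post. The wordlist, user names, PBKDF2 as the salted scheme and the iteration count are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny wordlist standing in for a pre-computed
# look-up table, and two users who happened to pick the same weak password.
WORDLIST = ["123456", "password", "letmein", "qwerty"]
USERS = {"alice": "letmein", "bob": "letmein"}
ITERATIONS = 200_000  # illustrative value; tune upward for production


def plain_hash(password):
    """Unsalted SHA-256: equal passwords always give equal digests."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password, salt=None):
    """PBKDF2-HMAC-SHA256 with a random 16-byte per-user salt."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify(password, salt, expected):
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(salted_hash(password, salt)[1], expected)


def table_hits(stored):
    """Look every stored hex digest up in one table built from WORDLIST."""
    table = {plain_hash(word): word for word in WORDLIST}
    return {user: table[d] for user, d in stored.items() if d in table}


def demo():
    plain_db = {user: plain_hash(pw) for user, pw in USERS.items()}
    salted_db = {user: salted_hash(pw) for user, pw in USERS.items()}
    # One table recovers every plain-hashed password in a single pass.
    plain_found = table_hits(plain_db)
    # Salted digests differ per user even for equal passwords, so a table
    # would have to be rebuilt for every salt; the shared table finds nothing.
    salted_found = table_hits({u: d.hex() for u, (_, d) in salted_db.items()})
    return plain_found, salted_found, salted_db


if __name__ == "__main__":
    print(demo()[:2])
```
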
Shared web hosting:
- This service is used by websites that reside on the same server.
- Each site is given its own partition.
- This is economically feasible for most systems.
- But here, if the attacker breaches the system of one website, he can get into the other websites’ security systems too.