Network hacking for dummies: Not just for dummies anymore

By Andrew R. Hickey, Senior News Writer
15 Feb 2007 | SearchNetworking.com


Network security should be treated like an international cat-and-mouse spy game: Keep your friends close, and your enemies closer.

Or so says Kevin Beaver, CISSP, independent information security adviser with Principle Logic LLC and author of Hacking For Dummies, 2nd Edition, a book that teaches network and security pros how to test systems, plug holes and foil attackers. The book illustrates how both outside and inside attacks and hacks can happen and how to determine where the network and systems have weaknesses. Hacking For Dummies also offers advice on strengthening defenses and preparing security-based reports, and it makes recommendations for management.

Hacking For Dummies separates itself from other hacking books in that it includes the entire phase of security testing. It outlines vulnerabilities in the network and systems, talks about tools to protect against them, and details a methodology for ensuring security.

According to Beaver, one key component of keeping enemies close and on the radar screen is for networking pros to take on and understand a hacker's mindset.

"You have to be able to look at things from the perspective of 'how can this be exploited?'" Beaver said. "Look at weaknesses from a malicious standpoint."

Often, though, particularly vulnerable parts of the network are overlooked, not necessarily because pros lack the knowledge to lock them down but because security concerns are focused on other technologies, so network devices and components don't get the attention they deserve.

"There's so much focus on Web applications, databases and operating systems," Beaver said. "I see a lot of people overlooking the network infrastructure."

But, according to Beaver, network infrastructure needs to be taken into consideration when thwarting hacks or attacks. He said vulnerabilities are being discovered in operating system firmware and other device components. There are tools available to prevent such vulnerabilities, whether they are on the Web interface of a router or firmware on a switch.

Most tools, Beaver said, are low cost or available as freeware and can ensure that infrastructure devices are locked up tight.

Wireless, too, is often a haven for hackers because companies struggle to keep it locked down. Where wireless security fails, the cause is usually not external malicious hackers but inside workers putting in their own access points.

"People are still overlooking wireless issues," Beaver said. "Employees can bring in an access point … it's a huge problem."

Rogue access points are a large part of the problem, and while many companies have a policy prohibiting employees from setting up their own access points, very few organizations enforce it.

Laptop-based analyzers work, but they are used too infrequently and can pick up only what is in use during a walk-through. Beaver said that in order to enforce policies, companies need the right technology on the back end, preferably something real-time. He recommends tools such as wireless IDS and IPS to recognize and prevent rogue access points.

"You've got to be proactive about it," he said, and upon the discovery of a rogue access point, the offender "needs to be made an example of," instead of IT just walking over and telling him not to do it again.

"Be on the lookout for inside users," he said. "People on the inside of the network are exposed to more. These people are exploiting their trusted privilege. And in the majority of networks, there's no way to track that back to who did what."

Where most companies fall short and risk exposing themselves to attacks is communication, which Beaver estimates makes up 97% of network security. But much of the lack of communication comes down to a lack of resources and a lack of time management, Beaver said. Good network security comes, however, from regaining control and testing the infrastructure for any holes that may be present.

"The No. 1 tip is, you've got to gain control," Beaver said. That control involves having appropriate access controls and policies to dictate how the network is used and by whom.
