netflap.com Blog

For those of us who think life is like an accident and we can’t stop staring

Top 5 ways to get hacked

Posted in Security, Tech by Dan on the August 28th, 2006

I’ve done up this list to help other IT professionals avoid the mistakes I’ve made and the mistakes I’ve seen others make.  These tips are for both corporate and home users because both can fall into the trap.  If you’re an IT administrator, be sure to read through the list and double check to see if your network is vulnerable.

5. Doing day-to-day work as an administrator
Logging into your system as an administrator/root just to check your email or surf the web is a very bad thing.  You should only be using administrative privileges when you need them.  Using commands like su in *nix or runas in Windows is the best way to get admin privileges only when you need them.  If you’re logging in as an administrator, an attacker simply has to send you a malicious email or lure you to a bad website to gain complete control over your system and maybe even your network.

4. Vulnerable email client
If your e-mail client is not fully patched with the latest vendor security patches, you’re asking for a world of trouble.  When someone is able to simply send you an email and have it auto-execute whatever code they want, this is a bad thing!  Patch your email client often and if you’re using a common email client like Microsoft Outlook, it’s even more important.

3. FTP server with simple account passwords.
In one of the companies I used to work for, we ran a small webhosting server farm.  The logs on these servers would show invalid FTP login attempts.  At least once a week (if not more), we would see an attacker probe usernames/passwords.  They would try a few hundred common username/password combinations to attempt to get in.  The result when they do get in is usually several hidden directories in which they put movies/music/pirated software.  Make sure your FTP server doesn’t have any “default” accounts and all of your common accounts have strong passwords.

2. Vulnerable web browser.
Using an unpatched web browser is like leaving the keys to your parked car on the hood.  Your car won’t necessarily be stolen, but the odds are good.  The internet has become a breeding ground for spyware and viruses.  A large majority of spyware infects people’s systems using web browser vulnerabilities.  Make sure to always download and install recent Firefox updates, visit Windows Update to patch Internet Explorer or download all security updates for whatever browser you do use.

1. Blank local administrator or root password.
The number one easiest way to get hacked is to have a blank local administrator or root password set on your system.  You may think that it is quite obvious, but it can be easily overlooked.  I’ve seen systems hacked in less than a day when the Citrix server went online with a blank local administrator password.  This kind of thing was easily missed because the system was only logged into using domain accounts and the manufacturer installation CD had set the administrator password to blank.  Always double check all accounts that have access to your system for reasonable passwords.  No system in your network should have a blank administrative password!
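One way to run the account check from item 1 on a *nix host, as an added example that is not part of the original post: it reads passwd/shadow-format text and reports every account whose password field is empty, root-equivalent (UID 0) accounts first. The sample data, the status labels and the function names are assumptions made for this example.

```python
# Constructed sample data in passwd(5)/shadow(5) format, not from a real host.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
toor::0:0:legacy admin:/root:/bin/sh
ftpuser:x:1001:1001::/srv/ftp:/bin/bash
backup:x:1002:1002::/home/backup:/bin/bash
"""
SAMPLE_SHADOW = """\
root::19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
ftpuser:$6$constructedsalt$constructedhash:19000:0:99999:7:::
backup:!:19000:0:99999:7:::
"""

def classify(field):
    """Classify a password field taken from a passwd or shadow line."""
    if field == "":
        return "BLANK"    # no password is required for this account
    if field.startswith(("!", "*")):
        return "locked"   # not a valid hash: password login is disabled
    return "set"          # a password hash is present

def audit(passwd_text, shadow_text):
    """Return {user: (uid, status)} for every account in passwd_text."""
    shadow = dict(l.split(":")[:2] for l in shadow_text.splitlines() if ":" in l)
    result = {}
    for line in passwd_text.splitlines():
        parts = line.split(":")
        if len(parts) < 7:
            continue      # skip blank or malformed lines
        user, field, uid = parts[0], parts[1], int(parts[2])
        if field == "x":  # "x" means the real field lives in the shadow file
            status = classify(shadow[user]) if user in shadow else "no-shadow-entry"
        else:             # legacy layout: field stored in passwd itself
            status = classify(field)
        result[user] = (uid, status)
    return result

def blank_accounts(passwd_text, shadow_text):
    """Names of accounts with an empty password field, UID 0 accounts first."""
    found = audit(passwd_text, shadow_text)
    blanks = [u for u, (_, status) in found.items() if status == "BLANK"]
    return sorted(blanks, key=lambda u: (found[u][0], u))

if __name__ == "__main__":
    for user, (uid, status) in audit(SAMPLE_PASSWD, SAMPLE_SHADOW).items():
        flag = "  <-- set a password or lock it" if status == "BLANK" else ""
        print(f"{user:10} uid={uid:<5} {status}{flag}")
```

On a real system, pass in the contents of /etc/passwd and /etc/shadow (reading the latter requires root) instead of the constructed samples.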

3 Responses to 'Top 5 ways to get hacked'

  1. george said,

    on September 5th, 2006 at 7:58 am

    I love your tips. I live on *** ******* drive in Charleston, West Virginia and I don’t want to be hacked. My password is *****! Please take care of me and keep hackers away!! Come over some time….

  2. Dan said,

    on September 5th, 2006 at 10:32 am

    Maybe I should change it to top 6 ways…

    That comment made me laugh :)

  3. lucydance said,

    on February 23rd, 2008 at 9:06 am

    I have been in Network Marketing for about 15 years. I have NEVER seen such a total opportunity where almost everyone who takes a look wants to join. People just see the magic in this program

    check it out by going to..

    Carbon Copy Pro Team