SANS Top-20 Internet Security Attack Targets: Security, Enterprise, and Directory Management Servers Attacks (1/2)  
Author: Max : 2006/11/23
Security, Enterprise, and Directory Management Servers Attacks 
C8.1 Description

Applications such as on-server virus and spam filters, directory servers, and management and monitoring systems pose a unique security challenge; in addition to compromising the system hosting them, they provide opportunities to attack other systems.

C8.2 Applications Affected

These applications can be divided into multiple categories:


  • Directory Servers - Used to maintain user and system information. Compromising these applications can give access to large amounts of information, including usernames and (possibly encrypted) passwords.


  • Monitoring Systems - Used to monitor various other systems. These applications often have user accounts on monitored clients, allowing an attacker easy access to client systems.


  • Configuration and Patch Systems - These systems are used to maintain client configurations and patches. Compromising these systems provides an easy path to further distribute malware.


  • Spam and Virus Scanners - Vulnerabilities in these systems can often be exploited with little or no user interaction, by simply sending a specially-crafted email message. Once compromised, attackers can more easily send spam and virus-containing emails. Additionally, these systems often contain vital information, such as users' mailboxes.




These applications tend to run on a variety of operating systems, including common systems such as Microsoft Windows or Solaris, and rarer systems like HP-UX and Novell NetWare.

C8.3 CVE Entries

CVE-2006-5478, CVE-2006-4509, CVE-2006-4510, CVE-2006-4177, CVE-2006-2496, CVE-2006-0992, CVE-2005-3653, CVE-2005-1928, CVE-2005-1929


C8.4 How to Determine If You Are at Risk


  • Use a vulnerability scanner.

  • Track vendor security announcements.



C8.5 How to Protect Against These Vulnerabilities


  • Keep the systems updated with all the latest patches and service packs. If provided, use an automatic update system.

  • Use Intrusion Prevention/Detection Systems to prevent/detect attacks exploiting these vulnerabilities.

  • Ensure that only authorized users and systems have access to the affected systems.
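
One way to check the last point against firewall logs, as an added example that is not part of the original SANS text: it flags accepted connections to management servers from sources outside a per-server allowlist. The inventory addresses, roles, ports, allowed networks and the log format are all assumptions constructed for illustration.

```python
import ipaddress
import re

# Hypothetical inventory: address -> (role, service ports, permitted source networks).
INVENTORY = {
    "10.0.5.10": ("directory", {389, 636}, ["10.0.0.0/16"]),
    "10.0.5.20": ("monitoring", {161, 5666}, ["10.0.9.0/24"]),
    "10.0.5.30": ("patch-management", {8530}, ["10.0.0.0/16"]),
    "10.0.5.40": ("mail-scanner-admin", {8443}, ["10.0.9.0/24"]),
}

# Constructed firewall log lines (not real traffic), including two malformed ones.
SAMPLE_LOG = """\
2006-11-23T10:00:01 ACCEPT src=10.0.9.7 dst=10.0.5.20 dport=161
2006-11-23T10:00:05 ACCEPT src=192.0.2.44 dst=10.0.5.10 dport=389
2006-11-23T10:00:09 ACCEPT src=10.0.3.15 dst=10.0.5.40 dport=8443
2006-11-23T10:00:12 DROP src=198.51.100.9 dst=10.0.5.30 dport=8530
2006-11-23T10:00:15 ACCEPT src=10.0.3.15 dst=10.0.5.10 dport=636
garbled line without fields
2006-11-23T10:00:20 ACCEPT src=not-an-ip dst=10.0.5.10 dport=389
"""

LINE_RE = re.compile(r"^(\S+) (ACCEPT|DROP) src=(\S+) dst=(\S+) dport=(\d+)$")

def audit(log_text):
    """Return (findings, unparsed): accepted connections to inventoried
    service ports from sources outside the allowlist, and unparseable lines."""
    findings, unparsed = [], []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            unparsed.append(line)  # keep for review instead of silently dropping
            continue
        ts, action, src, dst, dport = m.groups()
        try:
            src_ip = ipaddress.ip_address(src)
        except ValueError:
            unparsed.append(line)
            continue
        entry = INVENTORY.get(dst)
        if action != "ACCEPT" or entry is None or int(dport) not in entry[1]:
            continue  # blocked, not a tracked server, or not a tracked service port
        role, _ports, allowed = entry
        if not any(src_ip in ipaddress.ip_network(net) for net in allowed):
            findings.append((ts, role, src, dst, int(dport)))
    return findings, unparsed

if __name__ == "__main__":
    print(audit(SAMPLE_LOG))
```

Unparseable lines are returned separately so that gaps in log coverage are visible during review.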


