Current Major Host Security Problems

To make matters worse, recreational hacking is being fueled by the efforts of folks who appreciate the inner workings of operating systems and network applications. They prize the holes that they find—broadcasting vulnerabilities over Internet Relay Chat, and packaging techniques into do-it-yourself toolkits for joyriders to share. Sometimes the attack starts with a captured password—pulled from the network by a packet sniffer. Often, it comes through a hole in a service, such as a carelessly coded CGI script, or the deliberate overflow of a stack variable. All that is typically needed is a foot in the door: once a hacker has access to a machine under the guise of a legitimate user, he can work from the inside and begin the cycle anew.

While it is impossible to protect against all threats, there are eight widespread practices on the Internet of today[78] that make host security far worse than it needs to be. These practices are:

  • Failure to think about security as a fundamental aspect of system setup and design (establishing policy)

  • Transmission of plaintext, reusable passwords over networks

  • Failure to use security tools

  • Failure to obtain and maintain software that’s free of all known bugs and security holes

  • Failure to track security developments and take preventative action

  • Lack of adequate logging

  • Lack of adequate backup procedures

  • Lack of adequate system and network monitoring

Policies

Security is defined by policy. In some environments, every user is ...
