SECURITY PENETRATION TESTING Are Your Computer Secure Enough Now ?

4Jul/090

H4×0rz, Tigers and Bears

Most security minded administrators keep abreast of the latest exploits being released that can affect systems in their networks. Upon hearing of a new exploit, a proactive administrator would start a scan across the network searching for versions of the potentially afflicted OS. Within a short period of time, a list could be generated and a targeted patching regiment could be initiated to get these machines back into a green state. Otherwise, if we do nothing, we leave ourselves open to a potentially crippling attack that could cost an organization untold amounts of money. Costs related to outages and data loss can easily be devastating to a business, not to mention the career of administrators asleep at the wheel.

Conversely an attacker can use Nmap and its OS fingerprinting and version detection against you in very devastating ways. If someone is allowed to scan even the most superficial areas of your network, they can ultimately gain the highest level of access and get at your information and intellectual property. Every enterprise environment of any scale is a constant target to the general hacking and malicious traffic going across the Internet at any given second. The bigger the enterprise and the more unique or valuable the data it houses, the more skilled hacker they attract. Keeping that in mind, know that even the least sophisticated hackers will use tools such as Nmap to do OS fingerprinting reconnaissance.

Information that was useful for you as a proactive admin is now a soft point for an attacker to work their way into your systems or otherwise deny them of services and impede your business flow. Aside from information regarding operating systems and exploits, an attacker could use the simple OS and version information derived from an Nmap fingerprinting attack to know the IP address of an externally facing router or wireless access point. For instance, an attacker could see a Linksys fingerprint, much like the one given as an example previously, and instantly have a foothold in attempting to gain further access to the network

Share and Enjoy:
  • Digg
  • StumbleUpon
  • Facebook
  • Twitter
  • MySpace
  • Technorati
  • del.icio.us
  • LinkedIn
  • Sphinn
  • Mixx
  • Google Bookmarks
  • BlinkList
  • Diigo
  • email
  • Print
  • PDF

Enjoy this article? Subscribe SecurityOwned!

Want to subscribing SecurityOwned RSS feed enter your email address: 

About SecurityOwned

SecurityOwned is My Personal Documentation about Computer Security
Filed under: Nmap Leave a comment
Comments (0) Trackbacks (0)

No comments yet.


Leave a comment


No trackbacks yet.

« Detecting and Evading the OS Fingerprint Scan Nmap Security Audits and Inventory »

SECURITYOWNED CATEGORIES

SECURITYOWNED RESOURCE

SECURITYOWNED MEMBER OF :

Add to Technorati Favorites

SECURITYOWNED VALIDATION

[Valid RSS]