How are you most vulnerable?
- Using
programs that send passwords in the clear (e.g, telnet,
ftp, IMAP/POP, etc.)
- Sharing of passwords and not changing passwords
- "Guest" accounts or open accounts (gains foothold)
- "Post-it note" password habits
and "Social engineering" attacks
- TCP/IP services that provide attacker with information
- TCP/IP services--especially sendmail--without
proper security patches, or poorly configured
- Any Macintosh, PC or Unix workstation on a shared ethernet
segment could be sniffing packets
- Do your student PC labs share an ethernet with
administrative offices or your central servers?
- Newer 10Base-T hubs--like those used in the dorms--are
more secure (scramble packets not meant for a given port)
- May wish to purchase bridges to isolate ethernet segments, or
use a PC with two ethernet cards to run TAMU drawbridge
- Workstations--especially servers--that you don't log
in to often
- Writable anonymous ftp
- If you don't have hardware passwords, anyone with physical access
can get root access (especially PCs)
[Next]
|
[Prev]
|
[Top]
Dave Dittrich <dittrich@cac.washington.edu>
Last modified: Mon Jan 26 12:33:02 1998