Securing Windows NT Server | Page 3

NEWS BLOGS FORUMS NEWSLETTERS RESEARCH EVENTS DIGITAL LIBRARY CAREERS

IMMERSE YOURSELF:

Storage & Servers


	W O R K S H O P

Securing Windows NT Server April 3, 2000
	The Evolution of an Exploit Before you dive into lockdown techniques, you must understand how application and system vulnerabilities are discovered and how this knowledge is propagated and used. OS and application vulnerabilities are discovered by widely different individuals--ranging from the talented folks in the "underground" to system and network administrators who have stumbled into bizarre situations. While the manipulation of certain bugs simply results in odd system behavior, other bugs will crash systems entirely. And some even allow for unauthorized administrator-level access. Many of these flaws are reported to vendors initially, but just as many are not. The release strategy surrounding discovered security bugs depends on the person who discovers the flaw. Some people report the problem to the vendor, some send a warning to public forums like Bugtraq (www.securityfocus.com), some code an application or script to automate the exploitation of the bug, and others do all of the above. The vulnerabilities that are not public knowledge--the ones the vendors are unaware of--will always be a problem. As long as vendors continue to release flawed code, there's very little we can do to protect ourselves (short of not using the product). As a community, we will continually fall victim to these attacks, but we can defend ourselves against known vulnerabilities. Most attackers leverage known holes. If a security flaw is known, both system administrators and attackers are likely aware of it. The result is a race against time, pitting the attacker against the system administrator. Whoever strikes first, wins. So if you aren't patching your systems in a timely manner against known problems, you're inviting disaster. The intruder's specialty is watching for new holes and entry methods, so if you're not ready and willing to match wits when that intruder comes for your servers, you will lose.

PAGE: 1 I 2 I 3 I 4 I NEXT PAGE

Ready to take that job and shove it?
Open | Close

Post Your Resume

Employers Area

News & Features

Blogs & Forums

Career Resources

Browse By:
State | City

SPONSOR

RECENT JOB POSTINGS

Featured Jobs:

Boeing seeking Software Engineer 5 in Anaheim, CA

KForce seeking Inside Sales Associate in San Diego, CA

Amalgamated Bank seeking Chief Information Officer in New York, NY

Apollo College seeking Medical Billing and Coding Instructors in Albuquerque, NM

Allstate seeking Exlusive Agent in Las Vegas, NV

For more great jobs, career-related news, features and services, please visit our Career Center.

CAREER NEWS

Federal CTO Sees IT Leading U.S. Out Of Recession

Aneesh Chopra is looking to other CIOs to advise him on fleshing out a more detailed agenda to best serve the president's IT agenda.

IT Spending To Fall By 3.8 Percent

IT spending is expected to decline by 3.8 percent in 2009 according to Gartner.

More articles from our career center


Today's Most Popular Stories • Rolling Review: SOA Appliances • Making The Move To Multicore • Rolling Review: Web 2.0 Tools Demand A Cautious Approach • Rolling Review: Windows Server 2008 Server Core
Today's News Analysis • Amazon EC2 Entices Innovative Uses With Persistent Storage • AIG Private Client Group Diagnoses SOA Glitches With BMC Solution • CA Emphasizes Holistic Enterprise IT Management • Apple Previews Its Next Mac OS 'Snow Leopard'
REPORTS Analyize In-Line NAC strategies and products.	ANALYTICS Plan and design your enterprise blade server deployments

2009 IT Salary Survey: Meager Raises, Solid Prospects

Though raises are notably smaller than a year ago, and job security�s shrinking, IT careers are looking safer than many others in this economic downturn. Get all the findings in InformationWeek's 2009 IT Salary Survey. Available FREE for a limited time.