Forums: How To Secure A Lan - Forums

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

How To Secure A Lan

#1 User is offline   loot 

  • Private First Class
  • Icon
  • Group: Members
  • Posts: 21
  • Joined: 19-October 03

Posted 30 December 2003 - 04:49 PM

Hi there,

last days i saw that someone hacked onto a Client in a bigger network.
How is it possible,that this dude hacked about 90% of all Clients.
I saw that the first wasnt patched(Dameware :/ )
Are there tools to check security inside a LAN.
He do not have the Domain Passwort because its to weird to brute :P
thanks for ya help

LooT
0

#2 User is offline   jockel 

  • Private First Class
  • Icon
  • Group: Members
  • Posts: 109
  • Joined: 19-October 03

Posted 31 December 2003 - 02:18 PM

maybe he sniffed your network with the hacked machine ?

there are many t00ls ... sniffers like cain & abel or so ..
or he could have installed remote security scanners on the compromised machine ...
there are many of em ... expl. x-scan
0

#3 User is offline   Blake 

  • Former Commander In Chief
  • Icon
  • Group: Retired General
  • Posts: 7,317
  • Joined: 24-September 02

Posted 31 December 2003 - 02:40 PM

As part of any continual security program I suggest that you use a vulnerability scanner. Nessus is free and available at http://www.nessus.org Use it and I would say you can locate the fact that 90% of your problems are patch related. ;)
Posted Image Subscribe To Our RSS Feed For the Latest News from GovernmentSecurity.org
Would you like to earn money posting on GSO?
0

#4 User is offline   loot 

  • Private First Class
  • Icon
  • Group: Members
  • Posts: 21
  • Joined: 19-October 03

Posted 04 January 2004 - 09:45 AM

thx for these useful links
:>
0

#5 User is offline   alexsen 

  • Private First Class
  • Icon
  • Group: Members
  • Posts: 30
  • Joined: 13-August 03

Posted 04 January 2004 - 04:56 PM

It all comes down to how knowledgable you are about your lan,

Ask yourself this: (they might help)
how many external devices (links to the internet) it has, are they protected (prober routted firewalled proxied), do you use any DMZ for further protection,
the pc's that are connected directly to internet what kind of services do they run?
Are they updated? Do they have weak passwords? Will they lead to the internal network copromization? And many more that are just basic. Just to give you the idea.

Upon a succefull entry in one of the computer that are connected to the net, all the internal network is easy to get, either by passwords of the already copromised computer (mail logins,sql logins, whatever) or sniffing or RE or services that run internally which are easy exploitable.


i am toooo sleepy and to make a long story short, you can use what GSecur suggested and try to keep as much update you can...

goodnight all
0

#6 User is offline   Jeremy 

  • Commander in Chief
  • Icon
  • Group: Admin
  • Posts: 2,345
  • Joined: 14-May 03

Posted 04 January 2004 - 05:03 PM

alexsen: you forgot the most important question. How can you prevent the users from creating holes, or from screwing up the LAN? Internal users are the top of the list of ppl who hack networks.
Your time is limited, so don't waste it living someone else's life. Don't be trapped by dogma � which is living with the results of other people's thinking. Don't let the noise of others' opinions drown out your own inner voice. And most important, have the courage to follow your heart and intuition. They somehow already know what you truly want to become. Everything else is secondary.
~Steve Jobs
Jeremy aka w00dy aka foadah
0

#7 User is offline   alexsen 

  • Private First Class
  • Icon
  • Group: Members
  • Posts: 30
  • Joined: 13-August 03

Posted 05 January 2004 - 02:05 AM

yes you are, the sleepy feature of mine took some lan security features off :D

w00dy thanks for feeling me

training of users ( the hardest and slowest i could say :P )
0

#8 Guest_xy8088_*

  • Group: Guests

Posted 16 March 2004 - 04:28 PM

You can download (free) the Microsoft Baseline Security Analyzer and use that to scan all your windows machines. Using it in conjunction with another security scanner like nessus should alert you to many potential problems.

http://www.nessus.org/
http://www.microsoft...s/mbsahome.mspx
0

#9 User is offline   st3@1th 

  • Private First Class
  • Icon
  • Group: Members
  • Posts: 75
  • Joined: 20-January 04

Posted 17 March 2004 - 10:03 AM

IF you create an admin group for the pcs and then put users in it, your hosed once one of your pcs get comprimised. Its a temptation, since its easy to setup and keeps users from asking to install stuff for them, but very risky, esp. share spreading worms, one pc gets infected, then uses the users credentials to infect all the other machines on the lan.

Besides that as the group says, you probably have some missing patches on your workstations that would allow a hacker to run some type of autorooter to gain access to all machines almost instantly.
0
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users

  • Share



Our Sponsors:


SwiftLayer Affiliate Web Hosting