Security Information Week 10, 1999
A person who is interested in breaking into an organization's computers wants to know as much about these computers as possible. She is interested in the operating system, which services are running on the computer, which ports are open, and so on. Much of this information is available from any computer connected to the Internet.
Traditionally, such a person may have used tools to, for example, scan ports on one or several computers in an organization. Last year there were several reports about hackers in different countries who cooperated in obtaining such information from an organization. The idea was that, since several computers were involved in obtaining the information, the entries in the log files would be less obvious, and the probability was higher that the information-gathering attempts would go unnoticed by the attacked organization.
Late last year we saw a new development in this area: a tool whose information-gathering attempts seemed to come from different computers, even though they originated from one computer only (spoofing). Most likely such a tool was used in the attempt to break into the Pentagon a short time ago, an event which received great press coverage.
One such program - Nmap - uses a technique called "fingerprinting". It probes the TCP/IP stack on a computer and compares the responses with a database of known peculiarities of many operating systems and versions. It can scan one computer or any range of computers, and supports many different scanning techniques.
Armed with this information, a hacker might use known security holes in that particular version of the operating system and/or services to break into the computer(s).
Such programs are of course potentially dangerous if they are used to break into computers. They may, however, also be used as security tools. The personnel responsible for security in an organization may use them to find weaknesses in the organization's computers and network and thus be able to get rid of them.
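The log-review problem described above, where probes are spread over several real or spoofed source addresses, shown as an added example that is not part of the original article: counting distinct ports per source misses the scan, while counting per destination exposes it. The log format, the addresses (documentation ranges), the threshold and the function names are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: denied-connection records as "epoch_seconds src dst dport".
# The format and all addresses (RFC 5737 documentation ranges) are assumptions.
SAMPLE_LOG = """\
1000 198.51.100.7 192.0.2.10 21
1002 203.0.113.5 192.0.2.10 22
1003 198.51.100.9 192.0.2.10 23
1005 203.0.113.77 192.0.2.10 25
1006 198.51.100.7 192.0.2.10 79
1008 203.0.113.5 192.0.2.10 110
1009 198.51.100.9 192.0.2.10 111
1011 203.0.113.77 192.0.2.10 143
1500 198.51.100.20 192.0.2.11 80
1900 198.51.100.21 192.0.2.11 80
"""

def parse(log_text):
    """Yield (time, src, dst, port) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[0].isdigit() and parts[3].isdigit():
            yield int(parts[0]), parts[1], parts[2], int(parts[3])

def ports_per_key(events, key_index, window=60):
    """Max distinct ports per `window` seconds, keyed by src (1) or dst (2)."""
    grouped = defaultdict(list)
    for ev in sorted(events):
        grouped[ev[key_index]].append((ev[0], ev[3]))
    result = {}
    for key, hits in grouped.items():
        best, start = 0, 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1  # slide the window forward in time
            best = max(best, len({p for _, p in hits[start:end + 1]}))
        result[key] = best
    return result

def find_scanned_hosts(log_text, threshold=6, window=60):
    """Destinations probed on >= threshold distinct ports, whatever the source."""
    by_dst = ports_per_key(list(parse(log_text)), 2, window)
    return sorted(d for d, n in by_dst.items() if n >= threshold)

if __name__ == "__main__":
    print("per source:", ports_per_key(list(parse(SAMPLE_LOG)), 1))
    print("flagged:", find_scanned_hosts(SAMPLE_LOG))
```

In the constructed sample no single source touches more than two ports, so a per-source threshold stays silent, yet the destination view shows one host probed on eight ports within seconds.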
Per Olav Førland
