Home > Articles > Security > Network Security

  • Print
  • + Share This
Like this article? We recommend

The Security Breach

Web site defacements of all kinds are not slowing down[md]they're increasing in number and sophistication. To see how common defacements are, check out Attrition.org, a site that contains quite a bit of information on defacements on the Net.

Hackers depend upon you for a successful defacement of your web site content. Lack of a planned network infrastructure and lapses in software patches as well as good security practices give malicious intruders the keys to your network. Malicious crackers can access your network manually; another method is to use worms like NIMDA and CODE RED that take advantage of configuration errors in your software to use automated techniques to make changes to web site content, by adding JavaScript to HTML or providing root access to a machine that then can automatically permeate your network.

The CODE RED worm—a self-replicating malicious code—exploits a known vulnerability in Microsoft IIS servers. While the CODE RED worm appears to merely deface web pages on affected systems and, due to its self-replicating nature, sends itself to other randomly chosen hosts from the infected machine, the IIS indexing vulnerability it exploits can be used to execute arbitrary code on a local network. With this level of privilege, the worm gives the malicious attacker complete control of the victim's system.

  • + Share This
  • 🔖 Save To Your Account