Seven misunderstandings of network security

Many people now have a false sense of security about their data and networks; Firewall installed on the perimeter, anti-virus and Anti-spyware tools installed on the desktop, encryption technology to send and save data, and Microsoft and major security companies to continuously enhance security tools and patches ... Seems to be relieved, but is it?

Here are seven misconceptions about security and see if your data is as safe as you might think.

Misunderstanding one, encryption ensures that data is protected

Encrypting data is an important part of protecting data, but it is not error-free. Jon Orbeton, a senior security researcher at Zone Labs, who develops ZoneAlarm firewall software, supports encryption, but warns that hackers are becoming more and more sophisticated with sniffer, which can intercept SSL and SSL trading signals, Steal encrypted data. While encryption helps protect stolen data from being read, there are several vulnerabilities to the encryption standard. Hackers can exploit these vulnerabilities as long as they have the right tools. "Hackers are trying to avoid the security mechanism," Orbeton said.

Misunderstanding two, the firewall will let the system impregnable

"Many people say: ' We have firewalls," Stevethornburg, an engineer at the Mindspeed technology company that is developing a semiconductor networking solution. "But the firewall functions are so good that they can still be read through their IP data traces," he said. As long as the hacker tracks the IP traces containing the network address of the system, it can understand the details of the server and the computers connected to them, and then use the information to drill the loopholes in the network.

So it appears that only firewalls and encryption are clearly not enough. Network administrators should not only make sure they run the latest and safest version of the software, but also keep an eye on the operating system's vulnerability reports, keeping a close eye on the network and looking for signs of suspicious activity. In addition, they also give clear guidance to end-users who use the network, Advise them not to install new software that has not been tested, open executable attachments to e-mail, Access file-sharing sites, run Peer-to-peer software, configure their own remote access programs and unsafe wireless access points, and so on.

The problem, Thornburg says, is that few companies are willing to invest financial and human resources to keep them safe. "They know it's not going to be popular because it lowers productivity," he said. Cost is the main problem because these companies are focused on the bottom line. "

Misunderstanding three, hackers ignore the old software

Some people think that if the old system is running, it will not be the target of hackers, because hackers only focus on the use of more extensive software, and these software versions than we are using the new.

This is not the case, Johannes Ullrich said. He is chief technology officer at the Security Analytics and early warning service,--sans Internet Storm Center, which publishes warnings about vulnerabilities and errors. He cautions that for hackers, A Web server that has not been updated recently or is not patched is a common point of attack. Many older versions of Apache and IIS (Internet Information servers) are vulnerable to buffer overflow attacks.

If the storage space can not handle too much information, there will be overflow, resulting in buffer overflow problems. Additional information is always spilled somewhere so that hackers can exploit the system's vulnerabilities, Get the extra information into the wrong place. While Microsoft and apache.org released patches to address buffer overflow problems a few years ago, many of the old systems were not patched.

Misunderstanding four, Mac machine is very safe

Many people also believe that their Mac systems, like the old system, are not vulnerable to hackers. However, many Mac computers run Windows programs such as Microsoft Office or are connected to Windows machines. The same is true of the vulnerabilities that Windows users face. As the CTO of Cigital, a security expert, said, "It's only a matter of a while before a cross-platform virus targeting WIN32 and OS X" appears.

The Mac OS X environment is also vulnerable, even if it is not running Windows software. A recent report by Symantec found that 37 vulnerabilities were identified in Mac OS X in 2004, and the company warned that such vulnerabilities could become increasingly a target for hackers, Especially since Mac systems are becoming increasingly popular. In October 2004, for example, hackers wrote a script virus called opener. The script can disable Mac OS x firewalls, get personal information and passwords, backdoor so that you can remotely control the Mac, and possibly delete data.