Is it safe or not? Five misunderstandings of network security

Source: Internet
Author: User
Keywords Security MAC hacker Patch firewall misunderstanding
Many people now have a false sense of security about their data and networks; Firewall installed on the perimeter, anti-virus and Anti-spyware tools installed on the desktop, encryption technology to send and save data, and Microsoft and major security companies to continuously enhance security tools and patches ... Seems to be relieved, but is it? Here are five big misconceptions about security and see if your data is as safe as you might think. Misunderstanding one, encryption ensures data protection data encryption is an important link to protect data, but not without error. Jon Orbeton warns: Now hackers are becoming more sophisticated with sniffer, able to intercept SSL and SSL trading signals and steal encrypted data. While encryption helps protect stolen data from being read, the encryption Standard has several vulnerabilities. Hackers can exploit these vulnerabilities as long as they have the right tools. "Hackers are trying to avoid security mechanisms," Orbeton said. "Misunderstanding two, the firewall will let the system impregnable Stevethornburg is the development of semiconductor networking solutions Mindspeed technology company engineers, he said:" Many people say: ' We have a firewall. ' But the firewall function is good, after their IP data traces can still be read. "Hackers can learn more about the servers and the computers connected to them by tracking the IP traces that contain the network address of the system, and then use the information to drill through the loopholes in the network." So it appears that only firewalls and encryption are clearly not enough. Network administrators should not only make sure they run the latest and safest version of the software, but also keep an eye on the operating system's vulnerability reports, keeping a close eye on the network and looking for signs of suspicious activity. In addition, they will give clear guidance to end-users who use the network, advising them not to install new software that has not been tested, to open executable attachments to e-mail messages, to access file-sharing sites, to run Peer-to-peer software, to configure their own remote access programs and unsafe wireless access points, and so on. The problem, Thornburg says, is that few companies are willing to invest financial and human resources to keep them safe. "They know it's not going to be popular because it lowers productivity," he said. Cost is the main problem, because these companies are concerned about the bottom line of costs. "Misunderstanding three, hackers ignore old software some people think that if the old system is running, it will not become the target of hackers, because hackers only focus on the use of more extensive software, and these software versions than we are using the new." That is not the case, Johannes Ullrich said. He is chief technology officer at the--sans Internet Storm Center, a security analytics and early warning service, which publishes warnings about vulnerabilities and errors. He cautions that for hackers, a Web server that hasn't been updated recently or patched up is a common point of attack. "Many older versions of Apache and IIS (Internet Information servers) will be attacked by buffer overflow. "If the storage cannot handle too much information, there will be an overflow and a buffer overflow problem will occur." Additional information is always spilled somewhere, so hackers can exploit the system's vulnerabilities to allow additional information to enter the wrong place. While Microsoft and apache.org released patches to address buffer overflow problems a few years ago, many of the old systems were not patched. Misunderstanding four, Mac machine is very safe. Many people also believe that their own Mac system, like the old system, is not vulnerable to hackers attack. However, many Mac computers run Windows programs such as Microsoft Office or are connected to Windows machines. As a result, the Mac machine also inevitably encounters Windows user vulnerabilities. "It's just a matter of fact," said Gary McGraw, CTO of security expert Cigital, "that there is a cross-platform virus for Win32 and OS X." The MAC OS x environment is also vulnerable to attack, even if it is not running Windows software. A recent report by Symantec found that 37 vulnerabilities were identified in Mac OS X in 2004. The company warns that such vulnerabilities could increasingly be targeted by hackers, especially as Mac systems become increasingly popular. In October 2004, for example, hackers wrote a script virus called opener. This script can disable Mac OS x firewall, get personal information and password, door so that the Mac machine can be remotely controlled, and may also delete data. Misunderstanding five, security tools and software patches make everyone safer. Some tools allow hackers to "reverse engineer" a patch that Microsoft releases through its Windows Update Service (Reverse-engineer). By comparing changes in patches, hackers can figure out how patches solve a vulnerability, and then find out how to use patches. "New tools developed today revolve around the same basic theme: Scanning for vulnerabilities," said Marty Lindner, the head of the event-handling team at the Computer Emergency Response team at Carnegie Mellon University's Software Engineering Institute. Scan the Internet for a detailed list of vulnerable machines. The tools developed assume that each machine is vulnerable to a vulnerability, and then just run the tool. Every system has a loophole; nothing is absolutely safe. "Google is among the tools commonly used by hackers, and it can search and find vulnerabilities in many sites, such as the server login page by default," he said. Google has been used to look for unsafe webcam, Network vulnerability assessment reports, passwords, credit card accounts and other sensitive information. New variants of the Santy worm and Mydoom have recently exploited Google's hacking capabilities (Google hacking). Has even begun to emerge Johnny.ihacWeb sites like kstuff.com, which provide links to more and more Google hacking techniques. Earlier this year, McAfee released an updated version of the Sitedigger 2.0 tool, which has some new features, such as finding out if a site is vulnerable to a Google hacker attack. Although the purpose of this tool is for administrators to test their networks, hackers may also use the software to look for vulnerabilities in any site. Responsible Editor Zhao Zhaoyi#51cto.com TEL: (010) 68476636-8001 to force (0 Votes) Tempted (0 Votes) nonsense (0 Votes) Professional (0 Votes) The title party (0 Votes) passed (0 Votes) The original text: In the end safe and unsafe? Five misunderstandings of network security return to network security home

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.