Speaking of unsecured wireless networks, all it takes for a malicious outsider to hop onto your network or glean sensitive information from it is to load up a wireless network analyzer such as CommView for WiFi or RFprotect Mobile. Furthermore, if he's able to obtain a physical connection to your network (or he's a trusted user), he can load a tool such as Cain and perform ARP poisoning allowing him to bypass your Ethernet switch 'security'...
and grab anything and everything off your network.
What does this have to do with hacking file servers? Easy -- the attacker simply gleans password information from SMB, POP3, Web, FTP, and even Windows authentication attempts right off the wire as shown below and uses that information as a direct link for unauthorized access into your file servers.
Passwords are easily gleaned of an Ethernet network.
Hacking file servers
Step 1: Exploiting a missing patch
Step 2: Sniffing the network for juicy info
Step 3: Stumbling across sensitive files
Step 4: Executing related hacks that indirectly affect file servers
|ABOUT THE AUTHOR:|
|Kevin Beaver is an independent information security consultant and expert witness with Atlanta-based Principle Logic, LLC. He has more than 18 years of experience in IT and specializes in performing information security assessments revolving around compliance and IT governance. Kevin has authored/co-authored six books including Hacking For Dummies, Hacking Wireless Networks For Dummies, Securing the Mobile Enterprise For Dummies (all by Wiley), as well as The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He can be reached at kbeaver ~at~ principlelogic.com. Copyright 2006 TechTarget|