Step 4: Executing related hacks that indirectly affect file servers

File servers hold much of an enterprise's sensitive data and are certainly a prime target of malicious hackers. Security testing expert Kevin Beaver says you'd be surprised how easy it is to attack these servers, from inside or outside the network. Kevin outlines some of these techniques in this step-by-step guide.

Finally, it's easy to overlook other vulnerabilities in your network infrastructure that can indirectly lead to file server manipulation and exploitation. These mostly revolve around physical security. One serious issue I came across was where the Web interface for a data center's physical security management system was accessible to all network users and anyone that was able to hop onto an unsecured wireless network from outside the...

building. Even worse, it was running with the default username and password. Once you logged in, door sensors could be disabled, security alerts could be rerouted, log files could be tampered with and so on. What a great way for an attacker to cover his tracks breaking into the data center!

I've also come across several situations while visiting busy real estate offices, healthcare facilities, and even during "open house" networking events at local businesses where servers were completely accessible to the public. No doors, no locks, not even the slightest physical security measure. These servers almost always have their screens unlocked which can make an administrator backdoor easy as pie to setup. The bad guys can also gain a leg up on how everything is interconnected and accessible to steal after hours or when no one is around. Think a stolen Windows file server is not easy to crack? As long as the hard disks are not encrypted, all it takes is the right tools (such as Ophcrack Live CD and NTAccess) to crack or reset the administrator password. Certainly an incentive to use whole disk encryption on your servers as a last line of defense!

Don't sit idle

Always remember that if the bad guys can do it you need to be doing it as well. What I'm trying to say is that you've got to ethically hack your file servers -- with a malicious mindset -- to see what can be done by both unruly insiders and outside attackers. Keep in mind that there's a method to all this madness as I outlined here in my domain controller penetration testing tip. This will ensure you're performing your testing in the right way at the right time with the right tools and so on.

Finally, don't forget that file server hacking is not necessarily the exploitation of high-tech vulnerabilities that take days, weeks or months to execute like we see in the movies. It's more so someone with malicious intent with the right tools and a little bit of time exploiting a basic IT oversight. Even with the greatest of intentions, we all get busy and miss or forget about a specific patch, access control or other network hole. It happens to the best of us -- but it's those very weaknesses that the bad guys thrive on the most.


Hacking file servers

 Home: Introduction
 Step 1: Exploiting a missing patch
 Step 2: Sniffing the network for juicy info
 Step 3: Stumbling across sensitive files
 Step 4: Executing related hacks that affect file servers
ABOUT THE AUTHOR:
Kevin Beaver is an independent information security consultant and expert witness with Atlanta-based Principle Logic, LLC. He has more than 18 years of experience in IT and specializes in performing information security assessments revolving around compliance and IT governance. Kevin has authored/co-authored six books including Hacking For Dummies, Hacking Wireless Networks For Dummies, Securing the Mobile Enterprise For Dummies (all by Wiley), as well as The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He can be reached at kbeaver ~at~ principlelogic.com. Copyright 2006 TechTarget
This was first published in September 2006

Dig deeper on Windows Server and Network Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close