Security Corner

Oct 10 2010   1:54PM GMT

Five Poor Security Practices That Hackers Exploit

Ken Harthun Ken Harthun Profile: Ken Harthun

Security audits are vital if you plan to keep your network safe in today’s environment. It doesn’t have to be complicated. Here are 10 of the most common poor security practices that hackers exploit.

  1. Using weak passwords – Don’t even get me started on this one! Most of the time it’s easy to guess someone’s password because they don’t follow good password procedures. Articles abound, including many of my own on the subject. Ramp up that password strength.
  2. Lack of web and email filtering – Trojan horses delivered via drive-by downloads and links in spam are common. Web filtering (OpenDNS is a good one to use, and free, to boot) and good spam filtering go a long way toward preventing both. Links pointed to known malware/phishing sites will be caught and stopped before doing any damage.
  3. Not changing defaults – We’ve all been guilty of this one, from not changing the administrator account name to installing operating systems and applications in their default directories. Don’t forget about default passwords on routers, switches and other network equipment; these are all published and freely available on the Internet.
  4. Using unsecured wireless networks – Anything traveling in the clear, especially over a wireless network, is subject to sniffing and capture. It’s trivial to capture usernames and passwords when they’re not encrypted. This is particularly true on publicly-accessible wireless networks.
  5. Failure to apply security updates – Nearly all malware is designed around specific security vulnerabilities in operating system and application software. If these vulnerabilities are patched on every system in your network, the malware is impotent. It’s also vital that you stay up on the security news for notices of zero-day exploits; complacency about security is dangerous.

While there is much more that can and must be considered in a serious security audit, these five things will go a long way toward making your network much safer and more difficult to attack.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: