funkyd wrote: |
Having a chat with my sys admin we got round to chatting about how well the network was protected.
'We have a NAT firewall' he proudly stated. 'So what' I replied. His next point was that 'NAT is good enough because there has to be a vulnerability for a hacker to get onto your systems' |
funkyd wrote: |
Is he right? Can a hacker only get onto the network if there is a vulnerability? Even a DOS works on there being some hole or other that allows the DOS to work in the first place? |
funkyd wrote: |
I know that NAT is not enough but I'm not knowedgeable enough to say why - so at the moment I look like an idiot. |
funkyd wrote: |
Can someone realistically get admin passwords from our web servers on our DMZ if we are fully patched up on Win2k and IIS? |
funkyd wrote: |
Ditto our trusted network. Can you plant a trojan on a web server with AV installed? |
funkyd wrote: |
I said a good hacker could disable the AV if he had the admin password and then plant his trojan and have remote access.... |
b4rtm4n wrote: |
Folks are confusing business v private use even after some earlier explanitory posts.
Take as an example.... Trojaned email comes in to employee X. Being the average luser he/she opens it and has a compromised system. Having a simple NAT router the trojan then connects out to the attacker giving them the toe hold in the network they need. At home what do they get -- root your box, you reformat. In business they can root the accounts, customer db, payroll, systems. All without requiring a vulnerable service on a public listening port. You can't affford to take that chance and want to stay employed in ITSec. |
Ol Man wrote: |
But dont you need to be able to run the code as the user for rootkits to work. |
Ol Man wrote: |
And a business would have AV on all machines. |
CHeeKY wrote: |
And hacking your conn aint just the only way to get in, I can do emails that when opened will send back IP's of internal network etc and then you start to understand TCP sequencing? |
output generated using printer-friendly topic mod, All times are GMT + 2 Hours