Securing your network without firewalls

Wednesday Oct 1st 2008 by DatabaseJournal.com Staff
Share:

It all seemed so simple. Your network team had implemented a deperimeterisation plan. They had protected what they thought were their most valuable assets: the credit card database, the Active Directory server, and the accounting system. So why had their customers' credit card details just been found on a Russian server?

[From ComputerWeekly]

It all seemed so simple. Your network team had implemented a deperimeterisation plan. They had protected what they thought were their most valuable assets: the credit card database, the Active Directory server, and the accounting system. So why had their customers' credit card details just been found on a Russian server?

The team did not secure the computer that maintained the network audit logs, and the credit card database box was programmed to trust the audit server. The hacker uploaded an attack script to get root on the audit log server, and then used that trusted relationship to launch another attack on the credit card database using the audit log machine's elevated privileges. You never saw it coming, and never knew how it was done, because he changed the logs to delete the evidence.

The article continues at http://www.computerweekly.com/Articles/2008/10/01/232523/securing-your-network-without-firewalls.htm

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved