Case Study
Microsoft Sharing Vulnerabilities
Sometimes even the best protected network can get infected. In this case, a client had a very strict firewall policy that did wonders at keeping out trouble, even at the expense of a less usable network. Internet access was only allowed between certain sites and even the e-mail server was outside the firewall.
In this case, the client felt so secure with a firewall that he enabled sharing across many machines within his network. Sharing in read-only would have reduced the impact of this break-in but unfortunately they had full permissions and without passwords except in two cases where the password was the machine name.
The infection came from the client’s laptop which he plugged in at home to a DSL line. Since the DSL did not have a firewall, the laptop was compromised. Then, when he connected the laptop to his office network it infected everything.
Solution — The only way to clean up this disaster was to reformat and reinstall all software on all the machines. Never think that since you have strong security in some areas means you can ignore security in others.
- IIS Security Case Study
- Return to More Internet Security Case Studies
- Return to the Internet Security Information Home Page
Pingback: Session ID Hijacking | Network Security Technology