This section describes how to set up and configure secure services on both the Internet and the intranet. In particular, information is provided on how to "harden" these services. If you put a server on the outside Internet, you must consider the following common attacks:
- FTP "filez" transfers
- If you allow anonymous users to both write and read files, hackers will find those accounts and use them to transfer "warez", MP3 files, and porn.
- spam relay
- If you allow the "relay" feature on SMTP servers, spammers will find your server and use it to forward spam through (to hide themselves and also take advantage of your higher-speed connection).
- user accounts
- If you allow user accounts that are publicly available, then hackers will use them for their nefarious purposes, such as running IRC "bots".
- smurf amplifiers
- If you do not adjust your subnet masks and visible services, hackers will attempt to use your site as a "smurf" or "fraggle" amplifier to flood other victims on the net.
- sniffed passwords
- If you allow incoming protocols with clear-text passwords (Telnet, POP, IMAP, FTP, etc.), then these passwords will occasionally be "sniffed" off the wire and used by hackers to break into accounts.
- stolen passwords
- No matter what you do, there is a good chance that user accounts will be compromised and used to enter your network.
- website defaults
- If you put a web server on the Internet, you must carefully remove all "defaults", "samples", and "CGI scripts" or hackers will at minimum deface web pages or compromise the machine.
In all cases, only install the absolutely necessary services. If you are not sure what it is, disable it.
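One way to check a host against the "only necessary services" rule and the clear-text protocol item above, as an added example that is not part of the original page. It assumes Linux `ss -tln` output as input (the sample is constructed) and a hypothetical allowlist of SSH and HTTPS; the port numbers are the protocols' standard well-known ports.

```python
import ipaddress

# Well-known ports of the clear-text-password protocols named in the list.
CLEARTEXT = {21: "FTP", 23: "Telnet", 110: "POP3", 143: "IMAP"}

# Assumption: the only services this host is meant to offer (SSH, HTTPS).
ALLOWED_PORTS = {22, 443}

# Constructed sample of `ss -tln` output; not taken from a real host.
SAMPLE_SS = """\
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       100     0.0.0.0:25          0.0.0.0:*
LISTEN  0       32      0.0.0.0:21          0.0.0.0:*
LISTEN  0       128     127.0.0.1:5432      0.0.0.0:*
LISTEN  0       128     [::]:443            [::]:*
LISTEN  0       64      *:143               *:*
"""

def parse_listeners(ss_output):
    """Yield (address, port) for every LISTEN row of `ss -tln` output."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header or malformed row
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit():
            yield addr.strip("[]"), int(port)

def is_loopback(addr):
    """True only for loopback binds; wildcards such as '*' count as exposed."""
    try:
        return ipaddress.ip_address(addr.split("%")[0]).is_loopback
    except ValueError:
        return False

def audit(ss_output, allowed=ALLOWED_PORTS):
    """Return sorted (port, kind, detail) findings for exposed listeners."""
    findings = []
    for addr, port in parse_listeners(ss_output):
        if is_loopback(addr):
            continue  # not reachable from the network
        if port in CLEARTEXT:  # flagged even if someone allowlisted it
            findings.append((port, "cleartext", CLEARTEXT[port]))
        elif port not in allowed:
            findings.append((port, "unexpected", "not on allowlist"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(SAMPLE_SS):
        print(finding)
```

On a live host, pass the captured text of `ss -tln` to `audit()` in place of the sample and adjust the allowlist to the services the machine is meant to provide.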