1.6 - Various Types of Vulnerabilities Flashcards
Security Concerns Associated with Various Types of Vulnerabilities
1
Q
Zero-Day attacks
A
- Vulnerability has not been detected or published
- Increasingly common
- Very difficult to mitigate
2
Q
Open Permissions
A
- Very easy to leave the door open (hackers will find it)
- Increasingly common with cloud storage; higher statistical chance of finding open permissions (a misconfiguration)
- Attackers spend a lot of time in cloud repositories looking for these vulnerabilities
3
Q
Unsecured Root Accounts
A
- Can be a misconfiguration that leaves the administrator or superuser account open
- Or using an easy-to-guess password
- To combat - disable direct login to the root account (use su or sudo instead)
4
Q
Error
A
- Error messages can provide useful information to an attacker
- Ex: may show service type, version information, debug data (memory values)
5
Q
Weak Encryption
A
- Weak Encryption protocol:
  - weak protocols: DES (3DES is stronger), but both are weaker than AES
  - weak encryption key length (< 128 bits)
  - weak hash used (MD5, outdated)
  - Wireless Encryption (WPA)
6
Q
Cipher suites
A
- Stay up to date with the industry's latest approved suites
- TLS (Transport Layer Security protocol) - is used by the browser, but there are over 300 cipher suites; some are very secure and some are not
- Avoid weak or NULL encryption (128 bits or smaller)
7
Q
Strong Encryption
A
- Strong Encryption protocol:
  - strong protocols: AES (DES = weak)
  - strong key length (> 128 bits, like 256)
  - hash used (SHA)
  - Wireless Encryption (WEP)
8
Q
Insecure protocols
A
- Some protocols aren’t encrypted
- “In the clear” protocols send all traffic in the clear
- Ex: Telnet, FTP, SMTP, IMAP
9
Q
Packet capture
A
- See if you can read through the packet capture; if you can read it in plain English, it’s not being encrypted in transit
10
Q
Secure Protocols
A
- Use encrypted protocols
- Ex: SSH, SFTP, IMAPS
11
Q
Default settings
A
- Attackers know many people will not change the default username/password
- Ex: Mirai botnet - takes advantage of the default username/password on IoT devices
- 60+ default configurations
- Your camera, router, doorbell can become part of a botnet
- Mirai botnet is open source so attackers can download and modify!
12
Q
Open ports and services
A
- Services will open ports
- This creates an opening into the server
- Let the good people in and keep the bad people out
- Often managed with Firewalls
13
Q
Firewalls
A
- Software based firewalls running on the server
- Network based firewalls running at the ingress/egress part of the network
- Commonly have a rule set that will allow/disallow access to different ports on the IP address
- Firewall rulesets can become complex, and it can be easy to make a mistake
- To combat - double- and triple-check (test and audit)
- Look for mistakes with ports/IP addresses, anything that allows access to a service
14
Q
Patch management
A
- The update server determines when you patch
- Test all of your application patches, load them onto a central server, then deploy
- Efficiently manages bandwidth
- Often centrally managed, priority for many orgs
- Patches can be associated with firmware or OS or associated with applications
15
Q
Legacy systems
A
- Often to turn off
- Often systems are running beyond their end of life, which is a security concern
- May keep legacy systems, but may need to add additional firewalls/security around the system