February 26, 2002
The internal computer system of a county government was broken into. The county's IT staff had previously set up a network for employees to telecommute in through, and they suspected that this network was what made the break in possible. They contacted VESARiA (then known as qDefense Information Security Services) to audit the network.
After discussing the issues with the county's IT manager, it was decided that a preliminary security scan was called for. VESARiA audited the network, examining each machine, one by one.
Numerous weaknesses were found. Some of the externally accessible services were vulnerable to buffer overflow attacks (see, for instance, section 2.2). Other hosts did not use sufficient encryption (see section 2.1). The vulnerabilities were documented and explained, and precise instructions for correcting them were included. Where appropriate, additional background information, and links to vendor announcements and patches, were cited.
Most disturbingly, the dual Microsoft IIS web servers used as gateways to the county's Citrix servers were deployed in a highly insecure manner. Since the large amount of details describing the vulnerabilities could be overwhelming, VESARiA broke them up into five categories. The report prepared by VESARiA summarizes each category, using a representative example from each one, in sections 2.3.1 through 2.3.5. Thus, the report was useful to the entire IT staff, and not just security specialists. The remainder of the technical details were presented in Appendix C of the report.
Due to the gravity of these vulnerabilities, VESARiA prepared a special appendix (Appendix B), detailing a precise procedure to secure these IIS servers. This Appendix guided the county's staff, step-by-step, in how to redeploy their servers securely.
include('phone.php') ?> include('address.php') ?>
|© 2000 - 2018 Vesaria Network Security Specialists|
|Call Us at include('phone.php') ?>|