Several computer intrusion methods that are easily overlooked

The security precautions of computer information systems must be considered in a comprehensive manner. The emphasis is on the obvious security precautions. No matter how strong they are, hackers still have other opportunities to attack. So, what are the intrusive methods that are easily overlooked? The problem of stealing passwords/steps and passwords being stolen is constantly being raised every year, but not many people can learn these lessons and take practical actions to solve this problem. problem. It can be seen from this that the same security problem occurs every year, sometimes not the user does not understand, but the user is not willing to do it according to the requirements of solving it. Many aspects of today's computer applications use passwords to provide identity authentication, but if we are in a network environment that only uses passwords for authentication, passwords can be stolen, guessed, and brute-forced. Then, the risk of intrusion and hacking that this approach can bring is much greater than the multi-authentication approach. In fact, the password is just a string of characters that people type through the keyboard. We must keep in mind the password string we set so that it can be entered correctly when needed. Typically, for security, the passwords that are required to be set are of sufficient length, such as a minimum of 8 bits; sufficient complexity, such as where uppercase and lowercase letters, numbers, special symbols that can be used, and the like. However, it is not difficult to generate a password with sufficient security. It is difficult to remember this complicated password by the mind alone, especially when the password is longer than 16 characters. Not to mention that there are many aspects in the process of applying a computer that require passwords. If each password is different and meets the complexity requirements of the password, it is more difficult to remember so many passwords at the same time. Therefore, many users use the same password in many aspects in order to alleviate the burden of remembering passwords of various complexity levels. However, the user forgets that the password can be stolen by the hacker through dictionary guessing or brute force cracking. As a result, once the password is stolen by the hacker, all services using the password will have no security. Unfortunately, people seem to turn a blind eye to these problems in the process of using passwords. At present, some users also have the following behaviors of using passwords incorrectly. These behaviors are the main reason why passwords are easily stolen by hackers. The main reasons for these passwords being stolen by hackers are: (1) applying the same password to operating system login, application access, and network access and database access, which makes it only necessary to steal a password. Get all of this user's service permissions to use this password. (2) The user knows that a relatively complicated password needs to be set, but in order to prevent himself from remembering after a period of time, the passwords of these settings are recorded on the paper, and then the paper with all the passwords is recorded. Stick to the wall opposite the desk or the border of the monitor, or under the glass on the desk so that you can see and use it at any time. This prevents yourself from forgetting the password and facilitating the use of the password, but it also facilitates the hacker. The hacker only needs to enter the user's office, and then all the passwords of these users can be easily retrieved without any method. Some users pay more attention to the security of passwords, but they are also limited to recording passwords into a notebook, USB flash drive or other removable media, and carrying or locking these password-recorded media with them. But if the media that records the password is lost or forgotten to lock, the password can also be stolen by hackers. (3) When using some insecure network communication methods, such as FTP, unencrypted E-Mail or instant messenger to send data packets containing passwords, since these network communication will send data in clear text, if hackers These network communication packets can be intercepted using a network sniffer and the password can be easily obtained from it. (4) Another problem that causes password loss is the user's computer infected with the keylogger trojan program, which is mainly based on stealing passwords, and the screen monitoring or recording software for obtaining data input from the soft keyboard. (5) In addition, when computers are used in some places where video surveillance is installed, once the hackers can control these cameras, or if they happen to monitor the video surveillance equipment, they can view the users through the camera. Those keys are pressed when the password is entered, and the password characters can be recognized by the user's keystrokes. This way of stealing passwords should be seen frequently in movie footage. From the above-mentioned problem that caused the password to be stolen, it can be known that to reduce the security risk caused by this problem, the best solution is to use the composite identity authentication, use different passwords in various situations where passwords are required, and Train employees to use passwords safely, and use secure network communication methods such as SSL, VPN or OPENSSH to connect to the network, regulate user network operation behavior, and reduce the probability of infected Trojans in computer systems. “Doing homework” is not the homework that we usually refer to to complete the teacher’s department, but refers to some hackers from outside our network, who can detect and collect the security barriers used to understand the target. The specific process of information. In short, it refers to an ongoing process in which hackers focus on investigating public or non-public resources on our network, collecting as much information as possible and analyzing them so that they can find a breakthrough in which specific attack methods can be implemented. Since the hacker's process of collecting attack target information is very similar to our usual learning research, it is called the homework in the image. We all know that in war, we must know ourselves and know each other. The hackers also know this truth. Usually, hackers must attack a specific target. They often spend 90% of their time researching the target network. The more detailed the information the hacker gets, the easier the attack and the higher the success rate of the attack. . Therefore, before attacking a target network, hackers spend a lot of time researching and collecting all kinds of important information related to the target network in order to obtain a complete attackable solution. Now, hackers often have easy access to any information they want on the target network. Why? The biggest problem is that most companies are still not clear about whether data can be made public or not. They easily publish some important information related to the company to the outside world intentionally or unintentionally. Through the free information provided by these companies, hackers usually have to do very little homework and can organize the enterprise within a few minutes. There is a comprehensive understanding of the structure and operation. This provides an important information base for hackers to conduct social engineering attacks or physical attacks. However, many companies still do not pay much attention to the control of data that can be publicly announced within the enterprise. The following are some of the main behaviors that some companies easily leak important information inside the enterprise: (1) Some companies will call the phone numbers of senior leaders and important employees. The contact information is recorded in a certain address book and then distributed to each department, the purpose of which is to facilitate the employee's contact with the superior. But usually these address books are not kept strictly, but are placed at a place that can be easily taken by every employee, and some even allowed to be taken home by employees. In this way, hackers only need to fake an identity, such as sending a takeaway, it is possible to take away an employee's address book, and the hacker can easily obtain the internal organizational structure and contact information. (2) When the enterprise registers the WEB domain name, the company's company name, location, technical administrator's contact number, and the company's fax number are placed in the domain name registration service, so that when the hacker uses the enterprise domain name query At this time, you can easily get the important information left by the company. (3) Some companies sometimes print an internal publication on a monthly or weekly basis to convey the business theory of the company and create a good corporate culture environment for the company. In these internal publications, important information related to business operations is sometimes published, but the publication of internal publications of these enterprises is not strictly controlled. Not only internal employees are free to drop these publications carrying important information of enterprises, but sometimes Unintentional circulation to the outside of the enterprise gives the hacker an important way to understand the internal information of the enterprise. (4) The operation of a company always contacts other companies or institutions, and sometimes leaves some information related to the company in other institutions. Some companies are sometimes too casual to leave too much important information about the company in various third-party organizations. However, these third-party organizations are not 100% assured of the security of the data left by the company, which allows hackers to indirectly obtain enterprise-related data through these institutions. (5) Each company has a roster of employees who record information such as employee's home address, family contact number, work experience, family background, etc., and some companies sometimes unintentionally put this information on the Internet, so that hackers This information can be easily obtained simply by using a search engine. (6) Some physical defense work within the enterprise is not in place, and some enterprises do not even have physical precautions. This gives hackers the opportunity to obtain the required information through physical contact. (7) The company does not have strict control over the employee's network operating system. Some employees accidentally put important information of the company on the network, such as blogs or forums. (8) The employee of the enterprise is dissatisfied with a leader of the enterprise or enterprise, or the employee who leaves the company intentionally leaks the internal information of the company to the network. The content described in the above list only shows a small part of the problem of the enterprise. Some enterprises sometimes leak more information, so that the hacker can get the information he wants without further attack. For the attacked object, if the important information related to the enterprise is published in various public places too much, then when the attack event is found to be late, the problem will be the size of the loss. This article comes from [System Home] www.xp85.com