The role of Windows file server in the network is crucial. They host sensitive files, databases, passwords, and more. When the file server goes down, the network is likely to be embarrassed. If they are destroyed, it is equivalent to opening the Pandora's Box.
The following is a real case of a file server attacked by the author. Share with you what happened and how these vulnerabilities were exploited to compromise the system - all from a hacker's perspective. This will help you learn more about how the system vulnerabilities are seen in the news and how to understand security issues in combination with specific situations – helping you to detect your server security from a whole new perspective, you will know not all Security issues are unfathomable.
Step 1: Discover a patch that is not installed
Install all the important security updates you know about Microsoft and scan with my favorite vulnerability detection tools. You will find that there must be a vulnerability that may be attacked.
You will often find that most Windows file server security vulnerabilities are caused by forgetting to install patches, which often cause attacks inside the network. Much of this is due to the fact that many networks do not deploy intrusion protection systems internally - all internal connections are trusted. If there are criminals in your company trying to control your Windows server, it will be a hassle.
Let's take a look at an internal attacker's perspective to see how a vulnerability that forgot to hit the Windows patch was discovered. All he needs is an internal network connection and several security tools that can be downloaded for free: NeXpose Community edition and Metasploit.
Here are the specific steps:
Users with bad intentions scan the network by installing NeXpose -- or a series of important servers that he knows -- to scan for vulnerabilities.
Then he discovered that a MS08-067 vulnerability in a file server allowed 'arbitrary code' to be executed, which seems a bit ridiculous.
Then the user can enter the Metasploit checklist page to see the vulnerability.
Then he downloads and installs Metasploit, adds some parameters, and then creates commands that give you full access to your server, as shown below.
Figure 1. Check Metasploit MS08-067 vulnerability
1
This is related to the Windows system and vulnerable The application can be repeated over and over again, even if you don't understand it at all. Think about how terrible this can be: delete files, copy backup SAM databases and sensitive files, add/remove users, and more. If you have a server on the public network for public access but no firewall protection, the same type of attack can happen through the INTERNET.
It is also important to remember that the network connections mentioned above can be obtained over an insecure wireless network. A common example is the ability to connect directly to your network via a wireless hotspot that was originally provided to the scanning device in the warehouse. Whether they use WEP, WPA or other encryption to ensure the security of these scanning devices, any device that is within a certain distance (usually in your parking lot or next to the building) can easily access you. The network thus launched an attack.
Step 2: Sniffing the network to get useful information
Speaking of insecure wireless networks, malicious alien attackers sneak into your network to obtain sensitive information, generally using some wireless network analysis. Tools such as CommView for WiFi or AirMagnet WiFi Analyzer. In addition, if an attacker can get a physical connection to your network (or a trusted user), he can use tools to perform ARP attacks, which allows him to penetrate your Ethernet 'security' control and get from you. Get whatever he wants in the network.
Why do you have to do this when attacking a file server? Quite simply, an attacker can easily obtain a password via SMB, POP3, WEB, FTP, and Windows authentication dialogs and then use it as an illegal direct link to access your file server.
Figure 2. Using a tool like Cane%Abel can be easy or password
In the second half of this article, we will show you how to get sensitive files and indirectly affect the file server. The steps of a secure attack.
The so-called no rules are not square, and the sequential files can always be found. If you meet som
According to foreign media reports, Dell announced on Tuesday that the company will stop selling PCs
In the process of using XP system, it is inevitable that some problems will be encountered. For exam
The drive letter is the identifier of each partition, and Windows recognizes the partition by the dr
Windows system comes with the drive letter hiding function introduction (1)
The difference between Win XP system and Ghost installation version
How to deal with XP user account blanks
WindowsXP can't switch users how to deal with it?
Windows XP system security coup
WinXP server prompts that the specified network name is no longer available
Save the crashed Windows XP operating system
Windows XP skills - weight loss articles
What processes are hidden in the depths of the system?
How to install WinXP system NetBIOS protocol?
Win10 preview version 10537 get started: dynamic demo window effects win10 10537 update details
How to add address bar to Win7 taskbar
Win10 enters multiple ways of safe mode
Win7 system restore, image repair Raiders
Play Win8 consumer preview version must know the shortcut key: Win+X
What do you need to reinstall the system? System reinstallation notes
Win8 gesture function disables graphics
Analyze the three major tools interface between Vista and the system