Here is a real-life example of a file server attacked by a TechTarget China contract author. In the first half of this article, we showed you how to find a patch that is not installed, and how to sniff the network to get useful information. What are the next steps?
Step 3: Get sensitive files
I return to this topic again and again because the problem seems to be getting worse. Sensitive information stored on unprotected shared servers, typically in public folders, can be accessed at will by anyone on the network. Why? In my opinion, network administrators often have too much information to manage, and users are often sloppy in how they handle their files. For the business, of course, there is no doubt that securing personally identifiable information is very important.
Here's what can happen:
A user with standard domain permissions (or a hacker who has obtained a legitimate user's rights) scans the network to find shared files. GFI LANguard, for example, can do this: it has a built-in tool for finding shared resources.
He finds shared resources and then tries to connect to them one by one.
He finds that there are too many files, and decides to filter them with the Windows Explorer search function, or with a faster and more powerful tool such as Effective File Search (EFS), to find sensitive information.
The attacker searches .doc, .xls, .txt, and similar text files for keywords such as "ssn", "dob", "confidential", and so on. Undoubtedly, as long as he does not search for hundreds of documents, he will find something useful.
He copies this information and then uses the stolen permissions to do further damage, such as selling it to competitors.
Repeat these steps and test this yourself. You will find that what I have said is true. Any tool that can search for the document types and keywords you want will do. If your file server is open to public access (which is generally forbidden, but I see a lot of it), then hackers can do a lot with Google queries to get sensitive server information. To test this, I recommend Acunetix's Web Vulnerability Scanner, which has a built-in Google Hacking Database (GHDB) scanning feature.
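To run the keyword test described in this step against a share you administer, the following added example (not part of the original article) walks a directory tree and reports which files carry the article's keywords. The SSN-shaped number pattern, the function names and the sample file contents are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

# Extensions and keywords are the article's; the SSN-shaped pattern is an added assumption.
EXTENSIONS = {".doc", ".xls", ".txt"}
KEYWORDS = re.compile(r"\b(ssn|dob|confidential)\b", re.IGNORECASE)
SSN_SHAPE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
MAX_BYTES = 5 * 1024 * 1024  # read at most 5 MiB of each file

def scan_file(path):
    """Return the sorted indicator names found in one file."""
    with open(path, "rb") as fh:
        data = fh.read(MAX_BYTES)
    hits = set()
    # Search 8-bit text plus UTF-16LE at both byte alignments (binary Office files).
    for text in (data.decode("latin-1"),
                 data.decode("utf-16-le", errors="ignore"),
                 data[1:].decode("utf-16-le", errors="ignore")):
        hits.update(m.group(1).lower() for m in KEYWORDS.finditer(text))
        if SSN_SHAPE.search(text):
            hits.add("ssn-shaped number")
    return sorted(hits)

def audit_share(root):
    """Map each flagged file under root (a share you administer) to its indicators."""
    findings = {}
    for path in Path(root).rglob("*"):
        if path.suffix.lower() not in EXTENSIONS:
            continue
        try:
            hits = scan_file(path)
        except OSError:
            continue  # directory, locked or unreadable file
        if hits:
            findings[path.relative_to(root).as_posix()] = hits
    return findings

def demo():
    """Audit a constructed sample tree; every file body here is made up."""
    samples = {"hr/payroll.txt": b"Employee DOB 1980-01-02, SSN 123-45-6789\n",
               "public/menu.txt": b"Lunch menu for Friday\n",
               "finance/plan.xls": b"\x00\x00\x00" + "Confidential forecast".encode("utf-16-le")}
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            target = Path(root, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(body)
        return audit_share(root)
```

Files it flags are candidates for moving off public folders or for tighter share and NTFS permissions.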
Step 4: Investigate indirect attacks on file server security
Finally, it is easy to find other vulnerabilities in your network that indirectly allow file servers to be manipulated and attacked. Most of these are due to physical security issues.
One serious problem I want to point out is that the web management interfaces of devices in some data centers can be reached by all users, including anyone coming in through insecure wireless networks in other buildings. Worse, these data center management applications run with the default username and password. This means that once logged in, a user can disable access controls, change security alerts, alter log files, and so on. This is a good way for hackers to cover their tracks.
I have seen many times that file servers are completely open to the public (typically in busy financial companies and medical institutions, where networks are fully open to local business systems). I'm talking about a network environment with no security controls at all - not even the most basic physical security controls. The screens on these servers are often left unlocked, which can easily lead to administrator backdoors.
Hackers can also learn how the system is connected internally, so they can get in and steal the information they need when no one is around. Is it difficult to crack a Windows file server? Because the hard drives are not encrypted, all a hacker has to do is use a tool such as Ophcrack Live CD or ElcomSoft System Recovery to crack or reset the system passwords, including the administrator password. That is why I recommend encrypting the server's hard drives, which is almost the last line of defense.
Finally - don't sit idle
Please remember that if a hacker can do this, then you should test it yourself. Try attacking your own Windows file server - in a malicious way - to see what can be done from inside and outside the network without restrictions. Keep in mind that how you run these tests matters: use the right tools, at the right time, and so on.