Vistas for Network Security
Enterprise security
Effective solutions
Tools and standards
Free Newsletter

Stay updated, sign up for our free newsletter to receive useful tips

Full Name
Email Id
sign up

Windows: Application and service component Weakness

Another major source of vulnerability is that of a poorly configured XP client. The major areas of vulnerabilities are
  • CPU cache and memory
  • Log files
  • Password files
  • Hidden files
  • Malicious code web pages or MIME headers in email.
  • Trojans via media players
  • Instant messaging and news group postings.
Among other vulnerabilities more specific to network computers are
  • Profile setup (local or roaming) and improper logging off from a machine and the tendency to share login with some one who has log in problems. This creates a mixed profile which then creates vulnerabilities
  • Domains share a common security base. Logging onto the central server requires a user name and password. The domain controller and the backup domain controller keep a database of accounts that are called Security Accounts Manager. These are the most sought after files by hackers. If one machine is compromised then there is logical access to every other machine on the domain.
  • Trees and forests are on a higher level than domains. Ten or twenty computers exist in domain, which is then connected to a tree which is then connected to a forest.
    Rate this Article
      Excellent

      Good

      Average

      Bad

      Terrible

    rate

    Current Rating
    The forest makes up the entire network enterprise. If one domain is compromised the attacker tries to slowly move upward and take control of the whole network through a variety of means
Windows Services
Many exploits were fine tuned by attackers to go past loop holes and within the code and configuration of windows systems. The operating systems most affected were network operating systems and their services. Remote access vulnerabilities led to remote code execution in many of the below services.
  • MSDTC and COM+ Services
  • Print Spooler Service
  • Plug and Play Service
  • Server Message Block Service
  • Exchange SMTP Service
  • Message Queuing Service
  • License Logging Service
  • WINS Service
  • NNTP Service
  • NetDDE Service
  • Task Scheduler
Special mentions are that of the back office that include the exchange server and SQL server

SQL server vulnerabilities are
  • Buffer overflow in user authentication and database console commands.
  • Corruption of memory
  • Denial of Service
  • Elevation of privilege attack when scheduled jobs are executed.
Exchange server vulnerabilities are
  • Buffer over flow
  • Denial of service
  • Remote code execution
Related Articles
Essentials of a Network: Network Security
How is the Security of your Network Compromised?
Network Security and Linux: Is it really better?
Is your Home Network Safe From Viruses and Hackers?
How Secure is Your Wireless Network?

Bookmark this page Email this to your friend Add this page to del.icio.us


Suggest an Article

Haven´t found the article you are looking for, please suggest your article. We value all your suggestions and comments.