Windows: Application and service component Weakness

Another major source of vulnerability is that of a poorly configured XP client. The major areas of vulnerabilities are
  • CPU cache and memory
  • Log files
  • Password files
  • Hidden files
  • Malicious code web pages or MIME headers in email.
  • Trojans via media players
  • Instant messaging and news group postings.
Among other vulnerabilities more specific to network computers are
  • Profile setup (local or roaming) and improper logging off from a machine and the tendency to share login with some one who has log in problems. This creates a mixed profile which then creates vulnerabilities
  • Domains share a common security base. Logging onto the central server requires a user name and password. The domain controller and the backup domain controller keep a database of accounts that are called Security Accounts Manager. These are the most sought after files by hackers. If one machine is compromised then there is logical access to every other machine on the domain.
  • Trees and forests are on a higher level than domains. Ten or twenty computers exist in domain, which is then connected to a tree which is then connected to a forest. The forest makes up the entire network enterprise. If one domain is compromised the attacker tries to slowly move upward and take control of the whole network through a variety of means
Windows Services
Many exploits were fine tuned by attackers to go past loop holes and within the code and configuration of windows systems. The operating systems most affected were network operating systems and their services. Remote access vulnerabilities led to remote code execution in many of the below services.
  • MSDTC and COM+ Services
  • Print Spooler Service
  • Plug and Play Service
  • Server Message Block Service
  • Exchange SMTP Service
  • Message Queuing Service
  • License Logging Service
  • WINS Service
  • NNTP Service
  • NetDDE Service
  • Task Scheduler
Special mentions are that of the back office that include the exchange server and SQL server

SQL server vulnerabilities are
  • Buffer overflow in user authentication and database console commands.
  • Corruption of memory
  • Denial of Service
  • Elevation of privilege attack when scheduled jobs are executed.
Exchange server vulnerabilities are
  • Buffer over flow
  • Denial of service
  • Remote code execution
Related Articles
Essentials of a Network: Network Security
How is the Security of your Network Compromised?
Network Security and Linux: Is it really better?
Is your Home Network Safe From Viruses and Hackers?
How Secure is Your Wireless Network?


Effective Preventive solutions Network security includes the process of securing private and official data under authentic access control preventing system virus and hackers from attacking them.

Vulnerability Assessment
Intrusion Prevention
Firewall and Security Network Security Solutions Hacking Port Scanners

Tools and Standards Network Tools Network security includes the process of securing private and official data under authentic access control preventing system virus and hackers from attacking them.

Security Standard by IETF
Network Security Websites
Business Network policy

Network Security
Network Security Networking field take account of necessities and strategy that are followed by network administrators to monitor unauthorized access over computer network resources. Computer Security Breach Network Security and OS Linux Network Security Home Network Security Wireless Network Security
Enterprise Security
Security systems over enterprise network cover wide-ranged strategies that help to guard the network beside possible threats on system hacks and cracks. Spy BOT Advantages of Honey Pots Unified Threat Management Information Security Policy Denial Of Service
Suggest An Article
Haven´t found the article you are looking for, please suggest your article. We value all your suggestions and comments. Suggest

Home Sitemap Privacy Policy Contact Us Disclaimer Copyrights ©Copyright 2011 securingmynetwork.com All rights reserved. Read legal policy and privacy policy.