Wednesday, October 3, 2007

Meeting 2nd October 2007

During this meeting the true identity of Fyodor was revealed, so those who missed can keep guessing.

He started out by giving us a brief summary of his skills and interest in the IT field then went on to discuss several vulnerabilities commonly found in our networks.

The first major point that emerged is that many networks are predictable- How many of us take the time to change the default passwords and configurations? also discussed footprinting and exploration used by intruders to gather info about systems.

The first technique dicussed was banner grabbing using nmap to fin open ports and the version of the server running- the first step in finding your way in. A solution given was to change the default greeting e.g " go away we are patched"

The next technique dicussed was SQL injection and how it can be used to gain access to databases on Oracle or MySQL. Soultions given were 'idioit proofing' to make sure that overflows can not occur, making sure database has a password, validating input, no default account.

He later went on to discuss exploration tools such as nmap- to find out status of ports, nmblookup- to display shares on remote machines using SMB, rpcinfo and how to use telnet to find out users profiles on mail servers.

Lots of info, a series on security could be set up soon and Fyodor said he will avail material some time soon.

No comments: