Passwords In Security
by Peter Wood - Chief of Operations at First Base Technologies - Wednesday, 21 September 2005.
Now this is not rocket science. In fact it's something any teenage student could accomplish with the minimum of research. So why is it still possible to conduct this exploit at the majority of sites I visit? The answer has to be a combination of ignorance and disinterest. When I studied the official Microsoft NT courses, security issues were barely mentioned, so many MCSEs will remain ignorant of things like null sessions or even what constitutes a secure password. Few organisations have invested in a staff member with a remit to monitor new exploits and produce security build standards, review existing installations and plug the holes. Then most managers continue to believe that a firewall is a panacea, either ignorant or disbelieving of the fact that the majority of hacks come from within the organisation. Senior management still fail to realise that anyone with Domain Admins privilege can read, alter and delete any document anywhere on their network - be it on a server, a workstation or even a laptop, and that there are often dozens of accounts with that privilege.

The apathy towards password security is frightening. The push from the top for more results using the same or fewer people and resources makes it unrealistic for security to feature in any meaningful way. We seem to be becoming more aware of security in general terms, but unwilling to make the investment in personnel, training and good solid procedures.




First Base Technologies are exhibiting at Infosecurity Europe 2006. Held on the 25th – 27th April 2006 in the Grand Hall, Olympia, this is a must-attend event for all IT professionals involved in Information Security.

Copyright 1998-2013 by Help Net Security.