Ethical hackers should know the common security weaknesses that hackers and malicious users first check for when hacking into networks and applications. Security flaws, such as the following, should be on your checklist when you perform your tests:
Gullible and overly trusting users
Unsecured building and computer room entrances
Discarded documents that have not been shredded and computer disks that have not been destroyed
Network perimeter with no firewall
Poor, inappropriate, or missing file and share access controls
Unpatched systems
Web applications with weak authentication mechanisms
Wireless systems running with default settings and without WEP, WPA, or WPA2 enabled
Laptop computers and smartphones with no drive encryption and/or power-on passwords
Weak or no application, database, and operating system passwords
Firewalls, routers, remote access, and dialup devices with default or easily guessed passwords
dummies
Source:http://www.dummies.com/how-to/content/common-security-weaknesses-that-hackers-target.html
No comments:
Post a Comment