Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Security Features

Introduction

The unfortunate bottom line of networking security problems is that hacking happens because it is allowed to happen. Most cases of fraud could have been prevented if people had just adhered to sensible protocols and properly implemented available security solutions. It cannot be stressed enough that the big problem with IT security is people - you, me, and the vast majority of people in the world who interface with IT systems.

It is far easier to get vital information from a person than it is to extract it from a well organized and protected computer system. That's seems like a fantastic statement, but it is absolutely true. If a complete security architecture is deployed, maintained and followed, then it is very difficult to penetrate systems. But humans are another problem entirely.

Absolute faith in a security system can ultimately be its greatest weakness, as people grow accustomed to it and fail to hold up their end of the bargain. Every wall has a gate through which people can walk; conventional hacking involves breaking this gate down. Social engineering is getting the gate keepers to wave you past with a smile on their faces.

To focus your mind for the next couple of minutes while you read through this article, let me tell you a story. For the distinct purpose of legality, I'm going to clearly state that this story is a figment of my imagination.

Hiding In Plain Sight

Suppose that I'm asked by a firm to configure some Internet application servers. This is a very high profile hacking target: an online financial institution.

I'm hired to work on a server farm. After introducing myself to the staff and conducting some initial meetings, I get to work at a console that is provided for me in the main IT area. I bring in my own laptop and configure it for DHCP and simply plug into the system. Out of habit, I run a quick scan looking for other devices that are running in promiscuous mode (sniffing) on the system. This might point to a previous or current visitor, or company security software looking for illegal activity on the network.

The server room is located several floors up, and all entrances and elevators are secured by access control cards, not unlike a credit card. For me to access this area I have to ask someone to accompany me and provide access by swiping their card. I need to do this a couple of times a day as the need arises.

Following a short period of working on site, everyone is tired of traveling around the building using their key cards to open doors and operate elevators on my behalf. Trust builds as familiarity breeds contempt, and within two weeks I'm getting a loan of employees' pass cards, and a short time later I have my own temporary key card.

More Stuff

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

As per the title.I've been looking through the forums a fair amount today to see what version to upgrade to as there a lot of comments indicating vari...
Are there any plans to create a Merlin version of the ASUS firmware for the new RT-AX86U? I only ask because I have one on order and it's due to be wi...
Introduction:THIS IS A BETA VERSIONBug reports and questions can be reported in this thread This add-on must be used with Voxel Firmware.This is an u...
I live in Canada so the only channel options available are 36 to 48, and 149 to 165. This knocks out any option to be able to use 160MHz and get full ...
My ASUS AC86U ( updated with MERLIN firmware) to run OpenVPN service (PIA).Until I made the ASUS setting changes discussed below, all was good ( AFIK)...

Don't Miss These

  • 1
  • 2
  • 3