Vulnerability Information and Resources
The Internet is probably the best place to turn to for vulnerability information. A hacker will find an open port on your computer and research all the possible vulnerabilities that are associated with that open port. Hundreds of Web sites, mailing lists, and other forums discuss computer vulnerabilities. Table 10.2 highlights some of these resources. Regardless of your existing security experience, you should consult these resources on a regular basis to stay abreast of the latest security developments.
| Web Site | Location | Description |
|---|---|---|
| Security Focus | http://www.securityfocus.com | Security site containing news tools, mailing lists, and a wide variety of security-related resources |
| Technotronic | http://www.technotronic.com/ | Security site containing news, tools, mailing lists, and a wide variety of security-related resources |
| Nomad Mobile Research Center | http://www.nmrc.org/ | Good information in several areas of hacking; includes tools |
| Packetstorm | http://packetstormsecurity.org | Security site containing news, tools, mailing lists, and a wide variety of security-related resources |
| Bugtraq | http://www.securityfocus.com | The premier list for discussion and announcements related to new vulnerabilities: what they are, how to exploit them, and how to fix them |
| Forensics | http://www.securityfocus.com | Discussion list on computer forensics—technical and policy-related issues |
| Incidents | http://www.securityfocus.com | Discussion list on computer incidents—information on new attack methods, signs of intrusions, information on new worms, Trojan horses, and viruses |
| Pen-test | http://www.securityfocus.com | Discussion list for penetration testing—tools, methods, techniques, and network auditing |
| NT Bugtraq | http://www.ntbugtraq.com | Focused discussion list for Windows-related problems |
Based on the results of the footprinting analysis and the results of vulnerability research using the resources mentioned in the previous two tables, the attacker might have a means of breaking into the system. For example, during the port scans shown in Listing 10.7, the attacker determines that one of the FTP services running is wu-ftp 2.6. After doing research on a site like www.securityfocus.com, the attacker then learns that vulnerability is associated with that version of wu-ftp. At this point in time, he might have a possible entry point into the system.
The good thing about all this is that countermeasures are usually associated with all of these vulnerabilities. The appropriate vendor involved has addressed most vulnerabilities. Along with the vulnerability and exploit information, practically all of the resources listed in Table 10.2 also address the defensive side so that users can protect themselves. Later in this chapter, we will look at how Microsoft addresses vulnerabilities with its product update features.
How does this affect your privacy? Your ability to secure your machine directly affects your ability to maintain your privacy. Today's machines are vast repositories of personal data. Everything from your Quicken files to personal e-mail on your hard drive has a wealth of information about you. Leaving a machine unsecured is practically akin to inviting intruders. The rest of this chapter will discuss the basic security features found in common operating systems.