Attacks/Breaches
12/26/2007
04:00 AM
50%
50%

The Gifts That Keep on Giving

Holiday gifts of gadgets and storage devices can create nightmares for IT

2:00 PM -- With Christmas only one day behind us, are you ready for the influx of new digital gifts into your network? New storage devices in the form of portable musical players and USB thumb drives hidden in a pen. Phones that include digital organizers and PDAs. Laptops. New 802.11 WiFi or Bluetooth wireless networking devices.

These new devices pose a real threat to your organization's security. If you haven't already taken measures to protect yourself, then it's time to hunt down rogue devices that could accidentally lead to a breach in your network.

New laptops plugging into the network are an everyday issue for many organizations. In an ideal world, companies facing this problem will already have a mechanism in place to prevent unknown machines from plugging in: network access control, network port security that restricts access to known MAC addresses, or a program that requires machines be registered before getting a usable IP address.

Some methods for protecting the network against rogue laptops will be similar to those used to restrict mobile device access. Most users don't realize that the convenience of wireless networking, especially when unsecured and unknown to corporate IT, is a huge security risk.

Portable storage devices -- MP3 players, thumb drives, and even digital photo frames -- are a stickier situation. Some organizations take the extreme approach, putting epoxy in the USB ports to prevent their use. This is the poor man’s way of stopping unauthorized USB devices, and it isn't very practical.

There are other ways to handle the problem, such as modifying the Windows Registry or buying a software solution that can control USB devices. Many antivirus vendors are including security features that can control USB device access -- some even allow access only to pre-defined device serial numbers.

These threats aren't new, but they require closer attention during the holiday season, when users get new gifts that they are itching to try out and impress their coworkers with. If you've not already taken measures to protect against these things, it may be too late now. But look on the bright side -- you've got a year to prepare for the next holiday season.

— John H. Sawyer is a security geek on the IT Security Team at the University of Florida. He enjoys taking long war walks on the beach and riding pwnies. When he's not fighting flaming, malware-infested machines or performing autopsies on blitzed boxes, he can usually be found hanging with his family, bouncing a baby on one knee and balancing a laptop on the other. Special to Dark Reading

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-1793
Published: 2014-12-25
rendering/svg/RenderSVGResourceFilter.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted SVG document that leads to a "stale pointer."

CVE-2011-1794
Published: 2014-12-25
Integer overflow in the FilterEffect::copyImageBytes function in platform/graphics/filters/FilterEffect.cpp in the SVG filter implementation in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified ...

CVE-2011-1795
Published: 2014-12-25
Integer underflow in the HTMLFormElement::removeFormElement function in html/HTMLFormElement.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document con...

CVE-2011-1796
Published: 2014-12-25
Use-after-free vulnerability in the FrameView::calculateScrollbarModesForLayout function in page/FrameView.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaS...

CVE-2011-1798
Published: 2014-12-25
rendering/svg/RenderSVGText.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 does not properly perform a cast of an unspecified variable during an attempt to handle a block child, which allows remote attackers to cause a denial of service (application crash) or possibly have unknown othe...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.