Attacks/Breaches
12/26/2007
04:00 AM
50%
50%

The Gifts That Keep on Giving

Holiday gifts of gadgets and storage devices can create nightmares for IT

2:00 PM -- With Christmas only one day behind us, are you ready for the influx of new digital gifts into your network? New storage devices in the form of portable musical players and USB thumb drives hidden in a pen. Phones that include digital organizers and PDAs. Laptops. New 802.11 WiFi or Bluetooth wireless networking devices.

These new devices pose a real threat to your organization's security. If you haven't already taken measures to protect yourself, then it's time to hunt down rogue devices that could accidentally lead to a breach in your network.

New laptops plugging into the network are an everyday issue for many organizations. In an ideal world, companies facing this problem will already have a mechanism in place to prevent unknown machines from plugging in: network access control, network port security that restricts access to known MAC addresses, or a program that requires machines be registered before getting a usable IP address.

Some methods for protecting the network against rogue laptops will be similar to those used to restrict mobile device access. Most users don't realize that the convenience of wireless networking, especially when unsecured and unknown to corporate IT, is a huge security risk.

Portable storage devices -- MP3 players, thumb drives, and even digital photo frames -- are a stickier situation. Some organizations take the extreme approach, putting epoxy in the USB ports to prevent their use. This is the poor man’s way of stopping unauthorized USB devices, and it isn't very practical.

There are other ways to handle the problem, such as modifying the Windows Registry or buying a software solution that can control USB devices. Many antivirus vendors are including security features that can control USB device access -- some even allow access only to pre-defined device serial numbers.

These threats aren't new, but they require closer attention during the holiday season, when users get new gifts that they are itching to try out and impress their coworkers with. If you've not already taken measures to protect against these things, it may be too late now. But look on the bright side -- you've got a year to prepare for the next holiday season.

— John H. Sawyer is a security geek on the IT Security Team at the University of Florida. He enjoys taking long war walks on the beach and riding pwnies. When he's not fighting flaming, malware-infested machines or performing autopsies on blitzed boxes, he can usually be found hanging with his family, bouncing a baby on one knee and balancing a laptop on the other. Special to Dark Reading

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-1701
Published: 2015-04-21
Unspecified vulnerability in Microsoft Windows before 8 allows local users to gain privileges via unknown vectors, as exploited in the wild in April 2015.

CVE-2015-2041
Published: 2015-04-21
net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.

CVE-2015-2042
Published: 2015-04-21
net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.

CVE-2015-0702
Published: 2015-04-20
Unrestricted file upload vulnerability in the Custom Prompts upload implementation in Cisco Unified MeetingPlace 8.6(1.9) allows remote authenticated users to execute arbitrary code by using the languageShortName parameter to upload a file that provides shell access, aka Bug ID CSCus95712.

CVE-2015-0703
Published: 2015-04-20
Cross-site scripting (XSS) vulnerability in the administrative web interface in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCus95857.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.