Three Lines

Mar 24th, 2013

Comments: 0
Category: Uncategorized

Three Lines

We’ve decided that the results/recommendations coming out of most of the Internal Security Reviews we do can be summarised in three lines.

a)  Patch everything.  Not just Windows – everything.

b)  Change default credentials.  Don’t leave your main router with creds of admin/admin

c) Get rid of clear text protocols.  Ditch telnet for SSH and ftp for sftp

It doesn’t require Ninjas, Red Teams or Zero days to compromise most organisations, given access to their internal networks.  In fact why bother with anything fancy, when the most basic of techniques uncovers such glaring faults.



Add a comment

Your email address will not be shared or published. Required fields are marked *