contact newsletter links about services home
Banner
Nav Bar

netTracers FAQs
Q: The level of concern over network security has grown significantly over the past years - but why?
  • Software reasons: More code and more application and communication layers means more statistical chance of coding and software interaction anomalies that manifest as security vulnerabilities
  • Internet connectivity: More "crackers" with better connections, better computers and more cracking info available. Recent DCOM exploits (welchia/nachi) were created online by loosely associated hackers within about a month of the notice of DCOM vulnerability, that is down from about a year for NIMDA
  • New connectivity technologies: High-speed digital cable, DSL, 802.11, Bluetooth, 2.5 and 3G cellular technology
  • Cyber-terrorism concerns: Iraq, N. Korea, China
  • Political hactivism, war with Iraq, anti-corporate, anti whatever business you are in
  • Disgruntled Former employees


Q: According to the US National Institute of Standards and Technology (NIST) "an ongoing process must be used to maintain the continued security of public web servers". Where does netTracers fit into that process?
A: According to the NIST, "Maintaining a secure web server requires constant effort, resources, and vigilance. After a web server has been deployed, web administrators must monitor it on a daily basis to assure the continuing level of security. The following steps are essential to maintaining the security of a web server:

  • Configuring, protecting, and analyzing log files
  • Backing up critical information frequently
  • Maintaining a protected authoritative copy of the organization's web content
  • Establishing and following procedures for recovering from compromise
  • Testing and applying patches in a timely manner, and
  • Testing security periodically
(http://www.itl.nist.gov/lab/bulletns/bltndec02.htm)

netTracers provides the often neglected testing and monitoring processes.

Q: What major internet attacks have occurred in the past few years and did netTracers help prevent its customers from becoming victims of these attacks?
A: NIMDA, Code Red, SQL-Slammer, nachi/welchia - 2003: These all relied on already known vulnerabilities that we were scanning for on our customers' networks. netTracers customers' systems do not get compromised with these types attacks.

Q: What do the terms hacker and cracker mean?
A: The term "hacker" originally meant a "persistent coder", or programmer and computer savvy person. "Cracker" is the technical term for a hacker with nefarious intent. Most modern news articles and public discourse use "hacker" to mean the same as "cracker".

Q: What is the difference between a security exploit, trojan-horse and a virus or worm?
A: A virus is a definition of a class of security exploits that are transmitted via email, disk, or other means and is dependent on human or software weaknesses to propagate. A worm is a self-propagating virus, while a trojan-horse is a program that purports to do something that is either entertaining or useful, while hiding its real purpose from the user, thus enticing the user to launch it's "Trojan-horse" payload. A security exploit is any vulnerability that is exploited by either viral or human attack.

Q: How do these exploits get into my network?
A: They can enter your network via vulnerable routes such as e-mail, web and application (SQL/database) servers, telecommuter systems with VPN connections, unsecured wireless access points and other means. There are many other ways that your network is vulnerable to someone with malicious or greedy intent.

Q: What harm can this cause me?
A: Your private data may be transmitted to external parties who may be able to sell that information for profit, or use it to get into your partner or customer networks. Your systems may be used to launch attacks on other networks so that the attacker's tracks are covered by your network. Your file storage systems could be used to redistribute illegal software, movies, music or even pornography.

Q: What can I do to protect my network?
A: Creating and following a good set of Security Policies which includes the proper implementation of virus protection software, VPN's, personal firewall software, well configured, maintained and monitored corporate firewalls and then testing all of that security by having an outside company provide an Independent Audit of the application of those policies.

Q: How often should my systems be audited?
A: There is not one single answer that applies to everyone who asks this question. How often do contractors or employees modify your routers and network servers? What services are exposed to the internet? They should be audited after EVERY change to routers and servers, and after any major exploits or risks are discovered so that you can be assured that your systems have been properly secured.

Q: We don't even host our own web server, so why do we need netTracers' service?
A: A web server is not the only thing that crackers target, your internet connection may allow others to publish pirate software, music files, or they may use your systems to attack other networks and government systems.

Q: Is this really necessary? I do not have any data that any hacker would want. If my system is hacked, I'll just restore my backups and continue business as usual. I am not a hacker target.
A: You are a target if you have any vulnerabilities exposed.

Q: My IT group or consultant already does the same tests that you offer. Why should I use your services?
A: We are a hardware and software "agnostic", security consulting company and are not afraid to tell you that your network is in danger. We give you an objective assessment of your network's vulnerabilities. We assume nothing and may find things that your IT people miss. People do make mistakes and misconfigure routers and systems, or they forget to apply important patches. We are the friendly reminder to help keep your network secure and to let your IT people have some peace of mind knowing that there is a validation of their work.

Q: I have implemented WEP encryption in my 802.11 wireless LAN, so I am safe, right?
A: WEP is secure until there is another computer that has the WEP key. Any computer sharing the same 802.11 network and WEP key can look at all of the network traffic using that same key. This means that email passwords, NT domain authentication traffic and other potentially compromising data can be browsed by any other user. Tools are readily available to allow crackers to get your WEP keys.

Q: What are a few types of vulnerabilities that have you found in previous customer networks?
A: We have helped to identify out of date patches on Exchange and IIS servers, vulnerable unix mail and web servers, misconfigured firewall policies, default passwords in use on DSL routers, illegal music distribution site setup on an improperly configured ftp server, systems already compromised by crackers and many others.

Q: How is netTracers service different than an automated penetration testing service?
A: Take a look at the output from any automated penetration test utility and you will easily be overwhelmed with false positive, negative, and missing information. NetTracers utilizes a variety of tools to get a true vulnerability exposure assessment of your network perimeter. We then run additional manual and custom tests using our knowledge of networks and security to assess and summarize your real risks and provide you with a consolidated report so that you can secure your network perimeter. After you finish securing your network we do a follow up scan so that you can verify the work of your IT team or contractors.

Q: Can netTracers notify me of new exploits?
A: As a subscriber to any of our netTracers ongoing audit packages, you will be informed of new exploits that could affect your exposed systems as soon as those exploits are known to the security community. This could mean that you are alerted to vulnerabilities even before patches are available, allowing you to take alternate approaches to protecting your corporate information assets.

Q: Will netTracers fix my security problems?
A: netTracers can provide consulting services to help you to secure your network. We can help you to setup systems and train you operations personnel to keep your network security in-house.
© 2003 netTracers. All Rights Reserved. Privacy Policy