forum.opennet.ru

Составление сообщения

Исходное сообщение

"GlobalSign временно приостановил выдачу SSL-сертификатов из-..."
Отправлено Аноним, 07-Сен-11 22:36

Из "отчёта". Хочется плакать. :D
4.4
Current network infrastructure at DigiNotar
The successful hack implies that the current network setup and / or procedures at DigiNotar are not
sufficiently secure to prevent this kind of attack.
The most critical servers contain malicious software that can normally be detected by anti-virus software.
The separation of critical components was not functioning or was not in place. We have strong indications
that the CA-servers, although physically very securely placed in a tempest proof environment, were
accessible over the network from the management LAN.
The network has been severely breached. All CA servers were members of one Windows domain, which
made it possible to access them all using one obtained user/password combination. The password was
not very strong and could easily be brute-forced.
The software installed on the public web servers was outdated and not patched.
No antivirus protection was present on the investigated servers.
An intrusion prevention system is operational. It is not clear at the moment why it didn‟t block some of
the outside web server attacks. No secure central network logging is in place.

Исходное сообщение
"GlobalSign временно приостановил выдачу SSL-сертификатов из-..." Отправлено Аноним, 07-Сен-11 22:36
Из "отчёта". Хочется плакать. :D 4.4 Current network infrastructure at DigiNotar The successful hack implies that the current network setup and / or procedures at DigiNotar are not sufficiently secure to prevent this kind of attack. The most critical servers contain malicious software that can normally be detected by anti-virus software. The separation of critical components was not functioning or was not in place. We have strong indications that the CA-servers, although physically very securely placed in a tempest proof environment, were accessible over the network from the management LAN. The network has been severely breached. All CA servers were members of one Windows domain, which made it possible to access them all using one obtained user/password combination. The password was not very strong and could easily be brute-forced. The software installed on the public web servers was outdated and not patched. No antivirus protection was present on the investigated servers. An intrusion prevention system is operational. It is not clear at the moment why it didn‟t block some of the outside web server attacks. No secure central network logging is in place.

Ваше сообщение

Имя*:

EMail:

Для отправки ответов на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email).
Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.

Заголовок*:

Сообщение*:

При общении не допускается: неуважительное отношение к собеседнику, хамство, унизительное обращение, ненормативная лексика, переход на личности, агрессивное поведение, обесценивание собеседника, провоцирование флейма голословными и заведомо ложными заявлениями. Не отвечайте на сообщения, явно нарушающие правила - удаляются не только сами нарушения, но и все ответы на них. Лог модерирования.

Партнёры:

Хостинг:

Закладки на сайте
Проследить за страницей

Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру