Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Security Is Kid Stuff

    By
    Jim Rapoza
    -
    July 6, 2007
    Share
    Facebook
    Twitter
    Linkedin

      It takes a thief to catch a thief, or so the adage goes. Its not clear how this plays out in the general crime-fighting world, but its true when it comes to securing IT assets.

      Most IT and security staffers wont have the time or skill sets to attain the expertise that high-level hackers and security researchers have, but learning to think like your most common opponent isnt that hard. And the most common attacker of your IT resources is the “script kiddie.”

      Most script kiddies have an IT skill level at or below that of a well-trained IT person. But what they do have is knowledge of simple hacking tools and how these tools can be used to subvert technology and basic security systems.

      /zimages/3/28571.gifThinking like a hacker is an effective method to ward off attacks from malware writers. Click here to read more.

      Thats why eWEEK Labs recommends that anyone dealing with IT security become familiar with the same tools and techniques used by script kiddies today. Many of these tools can actually be quite helpful in understanding the potential weak points in your own security systems.

      Here in the Labs, for example, we gained a newfound appreciation of the potential security problems in VOIP (voice over IP) implementations when we were able to use the network tool Cain & Abel to sniff and record discussions on a VOIP network.

      /zimages/3/180394.jpg

      In fact, many of the more common tools used by both security researchers and script kiddies are essentially straightforward network and system analysis tools that are useful in daily IT administration, including Ethereal and Nessus.

      However, there are some script kiddie tools you shouldnt fool with, especially those designed to create and deploy worms and rootkits. Bringing these into your environment is just too risky, though its still worthwhile to read up on these tools and understand their possible uses.

      More importantly, having the ability to think like your most common security foe will make it potentially easier to convince executives at your organization of the dangers of security holes.

      /zimages/3/28571.gifHow do you turn a small group of security pros into an organized online crime group? Read the six rules here.

      Its one thing to say that a company resource is vulnerable to hacking, but its quite another to be able to use test systems to actually show executives how a system could be subverted.

      Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.

      Jim Rapoza
      Jim Rapoza, Chief Technology Analyst, eWEEK.For nearly fifteen years, Jim Rapoza has evaluated products and technologies in almost every technology category for eWEEK. Mr Rapoza's current technology focus is on all categories of emerging information technology though he continues to focus on core technology areas that include: content management systems, portal applications, Web publishing tools and security. Mr. Rapoza has coordinated several evaluations at enterprise organizations, including USA Today and The Prudential, to measure the capability of products and services under real-world conditions and against real-world criteria. Jim Rapoza's award-winning weekly column, Tech Directions, delves into all areas of technologies and the challenges of managing and deploying technology today.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×