Threat Analysis On The Server Administration

1655 WordsDec 11, 20157 Pages
Threat Analysis Threats to the Server 1. Poor Server Administration Server administrators are required to maintain a broad range of security safeguards in order to secure a server. While backups are a valuable tool, it is not a replacement for preventative measures meant to protect the server. If the administrator is not diligent or sufficiently knowledgeable they can introduce a broad range of security issues. When an administrator does not configure and monitor logs, an attack in progress can be missed, as well as reviewing any evidence left behind after an attack to develop new procedures to block future incidences. Failing to implement a patch policy for the system and software installed can leave the server open to attack. Server administrators who do not change settings from default settings also leave the server open to unused services that are not needed being left open, and default passwords in place. 2. Misconfigured Security When security settings are not implemented properly or secured correctly attackers can exploit these settings. This can mean default accounts being compromised, exposing the systems files, and data. Authentication settings and user privileges on the server can be misconfigured giving incorrect settings and allowing privilege creep as well as privilege escalation on the server. 3. Insecure Website settings As the website is a component of the server, and is a public facing entity, it serves as a potential door for attackers when
Open Document