//
you're reading...
SQL Server

Hacking Your Workstation

I was recently the victim of a hacker. Fortunately this was an intentional hack but still opened my eyes to a few security vulnerabilities. Like many of you I use a laptop as my office workstation. As such I utilize strong passwords and encryption on sensitive files etc. I did not however give much thought to the internal wireless adapter on my laptop being active since we did not have a an internal wireless network and  I never used the internal wireless card opting instead to utilize my broadband card for remote support. During a recent audit I had left my laptop on and connected as I do occasionally as a backup for remote support purposes and the occasional after hours msdn software download.  As fate would have it on that particular night our external auditors were running a penetration test and were scanning for wireless devises from the parking lot. Although my laptop was physically secure they were able to discover my laptop via the wireless adapter leveraging some windows vulnerabilities and were able to bridge my internal wireless adapter. By utilizing some additional hacking tools and techniques they were able to breech files and information locally on my laptop. One such file was an encrypted password file that contained a list of sa logons. Fortunately the logons were stale (old) and they were not able to breech the network or any of the SQL Server environments. However, they were able to access some information that they should not have had access to and provided some embarrassing moments for a Sr. DBA.

Actions Taken:

1) I disabled the wireless adapter on my Laptop

2) Changed Network Logon credentials

3) I created a scheduled task the shuts down my laptop at 6:00 pm or if an hour of inactivity has elapsed

4) Moved any sensitive data like the encrypted password file to a secure location on the network and re-encrypted with a stronger encryption method (128 bit)

5) Removed and\or tightened security on any shares

Lessons Learned:

1) Be cognizant of your surroundings and think about threats from uncommon sources

2) Disable the wireless on your laptop

3) Don’t keep sensitive information on your local drive

4)Secure sensitive information in a network location with password and encryption protection

5) No public shares. Remove and\or alter the permissions to only those uesers or domain groups that need access to the local share.

6) Don’t leave your laptop (or work station) on for extended periods of time unattended even if it is in a secured location.

I know this is common sense but we all get busy at times and\or fall victim to a false sense of security(as I did).

Advertisements

About ldgaller

Accomplished Data Warehouse Architect, DBA and Software Architect with over 15 years of professional experience and demonstrated success designing and implementing solutions that improve business functionality and productivity. Highly diverse technical background with proven ability to design, develop and implement technology on an enterprise level. I approach all projects with passion, diligence, integrity, and exceptional aptitude.

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: