Editorial: Should We Thank the Hackers for These Security Breaches?

Let’s set a very stripped down scene here. A person with malicious intentions decides they want to break in to a website, steal people’s identities and sell those identities on the black market for a huge profit without a care of what happens to countless innocent victims. So, this person invests some time in figuring out how to break in to a large organization. The person breaks in successfully, steals hundreds of thousands of identities. By the time the organization knows about the breach, let alone the public, the crime has already taken place and the sale of this sensitive information has already happened. Who gets the blame here: the person that broke in to organization in the first place to commit the crime or the organization for failing to keep their organization secure enough from such intrusions?

Chances are, such a question will garner a wide variety of opinions ranging from “how awful it is that someone would sell peoples identities?” to “what was the organization thinking allowing for such a thing to take place?”. The real question that should be asked, in my view, is what are the details of that incident? Did this hacker go to the extreme lengths of corporate espionage? Like, did this person take a job offering, got hired on and did some sort of sophisticated inside job? Did this person simply rip open a paper door and picked up an insecure, unattended laptop off of someones table? Such details, in my view, alter who is more responsible for the security breach.

Some of these security breaches that have happened lately, for me, really places the blame on some of the organizations that got hacked. First, what should be expected of someone who works as a security arm of an organization? If someone’s job is to monitor the security of a website for a large organization, what should they be doing? For me, I would expect them to at least know a thing or two about internet security and how to secure a website. Next, be aware of how people are breaking in to websites in the first place and asking, “OK, this is how this person did that on x website, how could this affect our website and how are we guarded against such an attack if we are?” Finally, assess the likelihood of different attacks and build or fix the website accordingly. I would argue that one could go a step further and deliberately find ways of hacking in to your own website for security purposes and patch up the website accordingly. Heck, why not hire a skilled independent hacker and monitor that person as they try and hack in to the website and figure out how to patch the site accordingly? Other things I might expect would be encrypting personal information. If personal information is on server y, then it better have security as tight and strict as US copyright laws. Ideally, not all of the information would be stored on a single server if you are a large company. So, really these are just some of the expectations that first come to mind for me (someone who wouldn’t know everything there is to know about securing a website of a large organization) when it comes to web security of a large organization.

MS DOS commands | RIDER DOWNLOAD SOFTWARE

So here you have my contribution:

MS-DOS commands Network:

netconnections control: Open Network Connections

netsetup.cpl: Open Network Connection Wizard

ping domain.tld: Verify connectivity to a server

tracert: Trace the path of an IP address

netstat: Show the session TCP / IP

route: Display the local path

arp: Displays the MAC address

hostname: Displays the computer name

arp: Displays and allows modification of the ARP tables, responsible for converting the IP addresses of each computer MAC address (physical address unique to each network card)

ftp:Cliente FTP command line mode

getmac: Displays the MAC addresses of network adapters you have installed on your system

ipconfig: Displays and renew the configuration of all network interfaces * Ipconfig / setclassid: Change / modify the DHCP class ID

nbtstat: Displays the statistics and current connections NetBIOS protocol over TCP / IP, shared resources and resources that are accessible

net: Allows you to manage users, shared folders, services, etc. For a complete listing of all options, type net with no arguments. For help on any particular option, type net help option

netsh: console mode program can view, modify and diagnose network configuration

netstat: Information about the network connections of our team

nslookup: Application-oriented network information in the DNS servers on a particular host

pathping: Displays the path that each packet to reach a specific IP, the response time of each of the nodes through which it passes and statistics for each

ping: command to check if a machine is networked or not

rasdial: Sets or end a phone connection

Route: You can view or modify network routing tables

tracert: Report on the path taken by IP packets from leaving our machine until it reaches its destination.

======= Command files and file systems:

cacls: Changes the read / write permissions on files and folders

chkdsk: Check the status of a partition and repair the damage if you find one. Without parameters simply scans and reports errors. Addition to repair, add the / F: chkdsk / F

cipher: Encryption of data on partitions

NTFScomp: Compare files or folders and shows the differences between them

compact: file compressor.

Network World

InfoWorld

Network World

Basic programming for computer literacy

Ethernet networks, design, implementation, operation, management