Aug 16 2013
The forgotten systems
We all know the moments when new systems are put into use, and all the blood sweat and tears that has gone into it is soon forgotten. Finally the system is running and we can make use of it and it will simplify our work.
But there comes a day when the system is outdated and new ones are about to be taken into use. Then what happens to the old systems?
Depending on the function, you even have to do with legislation that demands that you keep the systems running because data on it, should be kept for more than 5 years du to for example tax legislation. There are usually quite valid reasons for these system to keep them up and running.
But don’t forget these old systems let them participate in the patch and security policies because they are often forgotten and then they are an easy target to gain access and can be a jump server into the rest of your IT systems.
Some advice:
- On a regular bases PEN (Penatration testing – for example with Qualys) test your systems
- Isolate these systems so they can still be used but only when necessary
- Check regularly if these systems are being used
- Take decommissioning seriously
And perhaps unnecessarily, but we should also apply these advices to test, research and acceptance systems. These are also quite often overlooked when it comes to potential security risks.
Aug 20 2013
ZMap network scanner
ZMap can be used to study protocol adoption over time, monitor service availability, and help us better understand large systems distributed across the Internet. While ZMap is a powerful tool for researchers, please keep in mind that by running ZMap, you are potentially scanning the ENTIRE IPv4 address space and some users may not appreciate your scanning. We encourage ZMap users to respect requests to stop scanning and to exclude these networks from ongoing scanning.
ZMap main website: ZMap
By MyShare • Security • • Tags: Network, Security