Thursday, April 28, 2011

Cyber War - The Glass Dragon

There is an excellent account at ThreatPost regarding China and the opening phase of Cyber War: Glass Dragon: China's Cyber Offense Obscures Woeful Defense.

It appears that China, while superb on offense, is lacking somewhat on defense. The author, Paul Roberts, describes his tests on Chinese systems and finds them quite lacking. It appears that China has much the same weaknesses as the US and others, rooted in a distrust of open source and an insistence on reinventing systems. The result is systems as open to attack and disruption as ours, if not more so.


Two quotes say it all:
I think China is growing very fast and there aren't enough people to maintain the infrastructure. They have more networks and government sites than their own government can even maintain. They don't have the manpower or even the knowledge to maintain them. And, in many ways, China is still playing catch up with the US. They're an aggressor in cyberspace, but their own networks are very weak and poorly designed. I'm not saying that to shed a negative light on China, but there's so much out there that they just can't maintain it all. Beyond that, there's a lack of trust in Western products - even open source products. A fear that people will put back doors in them, which really misunderstands what open source is about, which is: if we have a lot of eyes looking at the code, people will spot problems and fix them.

It's really not hard. In fact, the amount of data I have found that is not intended for public consumption is amazing. I stopped after three terabytes. These systems are not maintained and are all vulnerable to attacks. HTTP is just one attack vector, but there are many others. For example: there was an LDAP server that was accessible from the Internet and it was running a vulnerable version of PHP and, in addition, everything on the server was running as root. I find that a lot - it's a bit of laziness by system administrators that makes their job easier. I was able to compromise the server and then simply enumerate the directory and find other file servers and systems on the network that weren't connected to the Internet. Another example is China's National University of Defense Technology. They had a bunch of Web servers that weren't using SSL or HTTPS, so everyone was logging in using plain HTTP. All you needed to do was compromise one box and you could sniff all the user names and passwords in clear text.
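The two weaknesses named in that quote, network-facing services running as root and login pages served over plain HTTP, are the kind of thing a defender can audit for routinely. The script below is an added example written for this post, not code from ThreatPost or the interviewee; it works over constructed inventory data (a `ps`-style process listing, a pid-to-port map, and a list of login URLs) and the `ROOT_ALLOWED` set is an assumption, not an authoritative list of services entitled to bind as root.

```python
"""Audit a constructed host inventory for two of the weaknesses the interview
describes: network-facing services running as root, and login pages that
accept credentials over plain HTTP.  All data below is constructed sample
input for this example; it is not taken from any real system."""
from dataclasses import dataclass
from urllib.parse import urlsplit

# Constructed sample modelled on `ps -eo user,pid,comm` output.
PS_OUTPUT = """\
USER       PID COMMAND
root         1 systemd
root       412 slapd
root       533 php-fpm
www-data   540 php-fpm
openldap   601 slapd
root       702 sshd
postgres   810 postgres
"""

# Constructed sample modelled on `ss -tlnp` output, reduced to pid -> port.
LISTENERS = {412: 389, 533: 9000, 702: 22, 810: 5432}

# Services that legitimately bind as root before dropping privileges.
# Assumption for this example only; tune it to the host being audited.
ROOT_ALLOWED = {"sshd"}

# Constructed login endpoints; .invalid is a reserved, never-resolving TLD.
LOGIN_URLS = [
    "http://portal.example.invalid/login",
    "https://mail.example.invalid/login",
    "http://lib.example.invalid/auth/signin",
]


@dataclass(frozen=True)
class Finding:
    pid: int
    command: str
    port: int


def parse_ps(text):
    """Parse `ps -eo user,pid,comm` style text into (user, pid, command)."""
    rows = []
    for line in text.splitlines()[1:]:          # skip the header row
        user, pid, comm = line.split(None, 2)   # command may contain spaces
        rows.append((user, int(pid), comm))
    return rows


def root_listeners(ps_text, listeners, allowed=ROOT_ALLOWED):
    """Return network-listening processes that run as root and are not
    on the allow list.  A root-owned PHP or LDAP listener is exactly the
    'everything running as root' case the quote describes."""
    findings = []
    for user, pid, comm in parse_ps(ps_text):
        if user == "root" and pid in listeners and comm not in allowed:
            findings.append(Finding(pid, comm, listeners[pid]))
    return findings


def insecure_login_urls(urls):
    """Return login URLs whose scheme is not https, i.e. pages where the
    submitted user name and password cross the network in clear text."""
    return [u for u in urls if urlsplit(u).scheme.lower() != "https"]


if __name__ == "__main__":
    for f in root_listeners(PS_OUTPUT, LISTENERS):
        print(f"root-owned listener: pid={f.pid} {f.command} port {f.port}")
    for u in insecure_login_urls(LOGIN_URLS):
        print(f"credentials sent in clear text: {u}")
```

Run as-is it reports the root-owned `slapd` and `php-fpm` listeners and the two `http://` login pages; the remediation in each case is the one the quote implies, namely run the service as a dedicated unprivileged account and put the login form behind HTTPS. On a real host, feed it the live output of `ps` and `ss` and the list of login URLs from your own inventory.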
