Microsoft
Here are some of the key reasons why you would want to run Unified Access Gateway with DirectAccess.
Fox News server found unsecured
Network's site left file directories and sensitive content exposed
July 23, 2007 12:00 PM ETIDG News Service - Security analysts spotted a gaping security hole in Fox News Network LLC's Web site on Monday, revealing file directories and sensitive content, although it appears the problem has been fixed.
Several directories were visible on a server for Fox News that should normally not be accessible by a Web browser over the Internet.
A systems administrator may have forgotten that the directories were viewable over the Internet or erroneously changed the permissions needed to view the directories, said Ronald van den Heetkamp, who runs the blog "The Hacker Webzine." The Fox News site runs on the Apache Web server software on Ubuntu Linux.
"This isn't a very clever idea," wrote van den Heetkamp, in an e-mail to IDG News Service. The security problem is "huge enough, and a few sensitive files have been found."
Also exposed was an FTP (File Transfer Protocol) connection to ziffdavis.com, plus a username and a password in a bash file, which is a Linux shell script used in this case to automatically login into an FTP server and grab news headlines, van den Heetkamp said.
It would be hard to directly exploit the Web server, but being able to see how the Web site is structured could open other ideas for an attack in the future, van den Heetkamp said.
"They will have tons of people downloading their data right now as we speak, which is bad in any case," he said.
Fox officials were not immediately available for comment.
Reprinted with permission from
IDG.netStory copyright 2009 International Data Group. All rights reserved.
fox news network
Additional Resources
Microsoft
Review how one energy firm tightened protection and simplified IT work using business-ready security solutions.
Sybase
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.
Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.
Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.
White Papers & Webcasts
Death to PST Files
Download Now
The Tangled Web: Silent Threats & Invisible Enemies
Download Now
Tape Killed the IT Guy
Watch Now
Forrester Consulting Mobility Study: Taking Control of Enterprise Mobile Device Diversity
Download Now
BRM: What You Can Do To Reduce Risk In Challenging Times
Watch this webcast now!
What IT Must Do to Support Employee-Owned BlackBerry, iPhone and Android Mobile Devices
Download Now
Web 2.0, Social Media and the Dark Web - A Web Criminals Paradise?
In this discussion, learn about the challenges of protecting your users from the potentially unsafe content hidden in the "Dark Web".
eGuide: Enterprise Security
Smart Security Strategies for 2010. Read now!
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...
Computerworld Reports
Sign up to receive updates on the latest Security resources
