Like all software, security solutions need to be maintained. You'd feel like a certified doofus if the software you bought to defend your network wound up letting an attacker in, right?
Well, you can imagine how some ISS customers felt when the Witty worm came along. It used a vulnerability in the company's own security software to infect hosts. Unlike more benign threats out there, Witty caused considerable damage to the hosts it infected.
Vulnerabilities in security products are the Holy Grail for crackers. Why would you want to find a vulnerability in notepad when you can find a gaping flaw in the very software that's used to protect data from misappropriation?
Many network intrusion detection products have turned out to contain vulnerabilities, across a large stable of vendors. Some of those flaws allow an attacker to take control of the NIDS machine simply by sending a packet across the network to nowhere in particular: because a sensor inspects every packet it sees, the malicious packet does not even need to be addressed to it.
One flaw found in an "intelligent" firewall was a classic example of security technology getting too fancy to be effective. The firewall in question inspects Web requests as they pass through the device, checking them for suspiciously long or malformed strings.
Due to some downright awful coding, attackers could send a string to the Web server being protected by the device that would give them access to the firewall itself.
So if you don't want to be wiping egg off your face any time soon, keep an eye out for security patches for your security software.
Contents
Introduction
Authentication and Single Sign-On
Patch Management
Case study: When security software goes wrong