Vulnerabilities of Windows and Linux Servers
Organizations constantly face threats that leave their servers vulnerable. As the information security officer at a medium-sized company, I will identify and describe three risks that may make the company's Windows and Linux servers vulnerable. One vulnerability of the company's Windows server is Windows 10 Wi-Fi Sense contact sharing (Sinha, 2019). Windows 10 is prone to automatically sharing Wi-Fi credentials with Facebook, Skype, and Outlook contacts in an attempt to make Wi-Fi and hotspot sharing easier. These contacts can therefore access the Wi-Fi network without being authorized, which can lead to the compromise of company information. Another Windows shortcoming is the Win32k elevation of privilege (Sinha, 2019). This shortcoming is present in the Windows 10 graphical user interface component and allows hackers to gain control of a Windows machine via privilege escalation. The third Windows vulnerability is the redirect to Server Message Block (SMB) (Sinha, 2019). This shortcoming can affect all versions of Windows. The Windows user is redirected to a malicious SMB-based server, where their credentials are vulnerable to theft.
The company's Linux servers also have shortcomings. The first is programming defects (Sinha, 2019). Most of the security updates offered by Linux solve one or more programming defects. Each of these security updates offers different security risks to the Linux server. Another vulnerability of the company's Linux server is weak configurations (Sinha, 2019). Software packages are known for coming with their own settings. These configurations usually instruct the software on how it should operate and which logic steps should be applied or avoided. While most default configurations are functional, some may negatively affect the security of the server. The third vulnerability is CVE-2017-18202, which affects versions before 4.14.4 (Sinha, 2019). The shortcoming lies in the file that helps kill a process when memory runs low. The vulnerable version of the file might mishandle operations, thereby opening doors to hackers or possibly triggering a copy_to_user call.
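An added example (not taken from the cited sources): a first-pass shell check that compares a kernel release string against the 4.14.4 boundary given above for CVE-2017-18202. The function names and status labels are assumptions of this example; distribution kernels often backport fixes without changing the upstream version number, so "review-needed" means consult the vendor advisory, not that the host is confirmed vulnerable.

```shell
#!/bin/sh
# Added example: triage a kernel release string against the CVE-2017-18202
# boundary stated in the text (versions before 4.14.4 are affected).
FIXED_VERSION="4.14.4"

# Reduce a release string such as "4.9.0-8-amd64" to its numeric
# major.minor.patch prefix ("4.9.0"), dropping distro suffixes.
base_version() {
    printf '%s\n' "$1" | sed -E 's/^([0-9]+(\.[0-9]+){0,2}).*/\1/'
}

# Return 0 (true) if version $1 is strictly lower than version $2.
# Missing components are treated as 0, so "4.14" compares as "4.14.0".
version_lt() {
    a=$(base_version "$1"); b=$(base_version "$2")
    old_ifs=$IFS; IFS=.
    set -- $a; a1=${1:-0}; a2=${2:-0}; a3=${3:-0}
    set -- $b; b1=${1:-0}; b2=${2:-0}; b3=${3:-0}
    IFS=$old_ifs
    if [ "$a1" -ne "$b1" ]; then [ "$a1" -lt "$b1" ]; return; fi
    if [ "$a2" -ne "$b2" ]; then [ "$a2" -lt "$b2" ]; return; fi
    [ "$a3" -lt "$b3" ]
}

# Classify a release string:
#   review-needed  - upstream version is below the fixed version
#   fixed-upstream - upstream version already contains the fix
#   unknown        - string does not start with a version number
kernel_status() {
    case "$1" in
        [0-9]*) ;;
        *) echo "unknown"; return 0 ;;
    esac
    if version_lt "$1" "$FIXED_VERSION"; then
        echo "review-needed"
    else
        echo "fixed-upstream"
    fi
}

# Check the running host, then a few constructed sample release strings.
echo "this host: $(uname -r) -> $(kernel_status "$(uname -r)")"
for sample in 4.9.0-8-amd64 3.10.0-1160.el7.x86_64 4.14.4 5.4.0-150-generic; do
    echo "$sample -> $(kernel_status "$sample")"
done
```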
Ways to Keep Up to Date on the Vulnerabilities
There are various ways to ensure that any Windows server and Linux server shortcomings are identified. By installing high-priority updates, I can stay up to date on matters concerning the vulnerability of the servers (Feeser et al., 2019). Through these updates, any form of unauthorized access is made known; therefore, the server will be protected and maintained to run smoothly. By installing and running the Microsoft Baseline Security Analyzer, I can learn about the shortcomings of the Windows server (Feeser et al., 2019). This software scans Windows-based computers for security misconfigurations and generates an individual security report for each node that it scans. Therefore, whenever there is a shortcoming in the Windows server, it is reported through the scan and can be easily fixed. By using the package manager, I can keep track of the shortcomings of the Linux server. The package manager will allow me to update the Linux server with one command, making me aware of any breaches of security.
Recommendation for a More Secure Server Infrastructure
The company should make it a routine to run a network security audit. The audit should cover the firewall configurations and check whether they are up to date and protected from exploitation by hackers. The review should also include asset identification, which is essential because it helps identify potential weaknesses and ways of fixing them. The company should have its staff trained in cybersecurity awareness. The training will help employees understand the risks that exist and how to fix some of them. The organization should limit the number of people who can access the company's servers. Employees should be restricted to minimum-level access to the servers, thereby preventing unauthorized persons from stealing the organization’s data.
References
Sinha, S. (2019). Finding Command Injection Vulnerabilities. In Bug Bounty Hunting for Web Security (pp. 147-165). Apress, Berkeley, CA.
Feeser, C., & Spreha, C. A. (2019). U.S. Patent No. 10,430,209. Washington, DC: U.S. Patent and Trademark Office.