Inappropriate Access to LAN Resources
One of the benefits of using a LAN is that many resources are readily available to many users, rather than each user having limited dedicated resources. These resources may include file stores, applications, printers, data, etc. However, not all resources need to be made available to each user.
To prevent compromising the security of the resource (i.e. corrupting the resource, or lessening the availability of the resource), only those who require the use of the resource should be permitted to utilize that resource. Unauthorized access occurs when a user, legitimate or unauthorized, accesses a resource that the user is not permitted to use.
Unauthorized access may occur simply because the access rights assigned to the resource are not assigned properly. However, unauthorized access may also occur because the access control mechanism or the privilege mechanism is not granular enough.
In these cases, the only way to grant the user the needed access rights or privileges to perform a specific function is to grant the user more access than is needed, or more privileges than are needed. Unauthorized access to LAN resources can occur by exploiting the following types of vulnerabilities:
- Use of system default permission settings that are too permissive to users
- Improper use of administrator or LAN manager privileges
- Data that is stored with an inadequate level or no protection assigned
- Lack of or the improper use of the privilege mechanism for users
- PCs that utilize no access control on a file level basis.
As LANs are utilized throughout an agency or department, some of the data stored or processed on a LAN may require some level of confidentiality. The disclosure of LAN data or software occurs when the data or software is accessed, read and possibly released to an individual who is not authorized for the data.
This can occur by someone gaining access to information that is not encrypted, or by viewing monitors or printouts of the information. The compromise of LAN data can occur by exploiting the following types of vulnerabilities:
- Improper access control settings
- Data, that has been deemed sensitive enough to warrant encryption, stored in unencrypted form
- Application source code stored in unencrypted form
- Monitors viewable in high traffic areas
- Printer stations placed in high traffic areas
- Data and software backup copies stored in open areas.