Management Server Security Risks

A management server is a platform used within organizations to deliver centralized management services that include the employment of a comprehensive security policy, chain of command security management, monitoring of real-time applications, logging activity, auditing of programs, and compliance reporting. The management server also monitors all of the firewalls, database applications, and security applications.

Management servers contain many monitoring and reporting systems, filters and directory servers. This is the primary reason they present multiple opportunities for hackers to exploit existing vulnerabilities in the software that is deployed on the server as well as compromise the server that hosts the software.

Affected Components of Management Servers

  • Client Configurations and Patches: These are configurations that are hosted on the server for the purpose of patching vulnerabilities and monitoring client configurations for programs that are used on a regular basis. If a hacker is successful in penetrating these configurations, it opens up the network to the installation of malicious software.
  • Scanners: Management servers deploy scanners for viruses, spam, phishing, and other malicious attacks. Although the scanners scan for unauthorized access, the software can contain its own vulnerabilities. Hackers can exploit the vulnerabilities by simply sending an email message with virtually no user interaction. Once the message reaches the email client, it can send spam containing malicious files.
  • Directory Servers: These are servers that store directories of user and system information. They are used to make necessary changes to usernames and passwords as well as system configurations. If a directory server is exploited the hacker can gain access to large amounts of crucial and sensitive information.
  • System Monitors: Management servers usually have multiple system monitors that perform various different functions for monitoring a server and the software that is hosted on the server. Some of the system monitors track client usage and if they are exploited, the hacker gains access to the systems that the client uses.

How to Protect Against Management Server Vulnerabilities

In addition to using a vulnerability scanner and keeping track of security announcements that are provided by software vendors, you can take the following precautions:

  • Use an Automatic Update System: Make sure that the latest service packs contain a method for updating the system automatically otherwise, vulnerabilities could occur due to oversight.
  • Use Operating System Security Settings: The management server programs are run on a variety of different systems that include Microsoft Windows, Solaris, Novell, and others. These systems each contain their own security settings in which the default settings are not set at the highest security level. Make sure you configure the settings to provide the highest security protection.
  • Use Intrusion Detection: In addition to a firewall, use an Intrusion Detection System that detects unauthorized access to software and the host server. This should include limiting who has authorized access to the systems and the software.
Log in or sign up to comment.

Post a comment

Log in or sign up to comment.
Identity theft comes in many forms.

A person\92s identity can be 'borrowed' for the purpose of creating fictional credit cards or a person\92s entire identity can be usurped to the point where they can have difficulty proving that they really are who they claim to be.

Up to 18% of identity theft victims take as long as four years to realize that their identity has been stolen.

There are many ways to protect your personal identity and many steps you can take to prevent your identity from being stolen:

*Never give out unnecessary personal information
*Never provide bank details or social security numbers over the Internet
*Always remain aware of who is standing behind you when you type in your personal credit codes at ATM machines and at supermarket checkout swipe machines.