• Home
  • Services
    • Managed Detection and Response
    • Security Assessment
    • Phishing Assessment
    • Vulnerability Management
    • CISO as a Service
    • Penetration Testing
    • Outside-in-Security
    • Inside-Out-Security
    • Security Audit
    • Static Code Analysis
  • Insights
  • Contact Us
Menu
  • Home
  • Services
    • Managed Detection and Response
    • Security Assessment
    • Phishing Assessment
    • Vulnerability Management
    • CISO as a Service
    • Penetration Testing
    • Outside-in-Security
    • Inside-Out-Security
    • Security Audit
    • Static Code Analysis
  • Insights
  • Contact Us
Phone-alt Linkedin

Hacks – Importance of configuration management

Hackers are smart and know a lot of simple tricks to get around the cybersecurity defences that companies spend a huge amount of dollars and time to implement. Once inside a network one of the main aims is to steal data and exfiltrate it to an external destination; this is considered one of the most damaging types of attacks, as it is targeted with intent and the victim organisation has lost sensitive data.

You can send files outside of a network using the simple PING command, which is also known as the ICMP protocol. Using a simple and easily accessible programme called ‘pingsend’, and a script easily found on the internet, empowers a hacker to steal data from within a network, using a common protocol.

By breaking up a file into 16-byte packets the process is possible by “padding” the file into the ICMP packets. As ICMP is an internet native protocol it can bypass firewalls and proxies, if allowed (usually a configuration oversight), and out onto the internet. Without advanced detection controls in place, such as IDS or IPS this activity would go unnoticed if not prevented.

Small security oversights like this can be damaging to any size organisation. Cyber products are only as good as their ongoing configuration and management. 

Recent blog posts

Common Vulnerabilities and Exposures – October 2022

Read More »

Hacks – October 2022

Read More »

Protecting your data – The CIA Triad – Part One: Confidentiality

Read More »

Need help with this?

Enter your details below and one of our team will get in touch

Other Similar Articles

Amazon Web Services (AWS) Cloud Solution

Read More »

Encryption

Read More »

Why is penetration testing important for your business

Read More »

Polkit Vulnerability CVE-2021-4034 (Local privilege escalation vulnerability)

Read More »
View all our blog articles
Linkedin
  • Insights
  • Contact Us
Menu
  • Insights
  • Contact Us

Our Office

Level 2, 157 Walker Street, North Sydney, NSW 2060

Call Us

(02) 9136 6066

Email Address

info@brace168.com