Ways to exploit a simple network?

If your users browse the internet,  you must protect your workstations from infection.  Simply going to the wrong website without the proper, fully updated, AV software can compromise your system.  Once this is done, and you have a compromised system on your network, your network can no longher be considered secure.

This is the most common way I have seen networks compromizsed.

Thanks. How does this relate to my question though?

I want to know how someone outside the LAN could access my network to use a browser, to browse websites.

What are you concerned about people accessing in your network? If your terminal server was compromised then they could access it and browse from there, if terminal services are published to the outside.

For someone to get in, they would have to compromise your router or TS server. Router is not very likely unless you have a crap password. If the ts sever is patched and secured correctly you should be safe.

Well, lets say one of your workstations is compromised by hostile software.  Once the system is comprimised, it could allow an attacker to take full MANUAL control of the system.  
It would do this by reach OUT through your firewall to the attacker.  
Once controlling your workstation through the outbound hole it makes in the firewall, the attacker could then use this to browse the web from that system, or even use it as a source to hack other systems.


Is that clear?  Or do you want more details?

hmm, sounds like a Hacker101 question.

I'd recommend reading up on security best practices. work this problem backwards, this isn't a hacker school and I imagine I'm not the only person that isn't completely comfortable spewing out a bunch of info that could be used for nefarious purposes. (not to imply that's your intent).

get a firewall with Intrusion detection, close all ports not needed.

If there's no firewall how is there a list of open ports. an exposed network will have many ports open.

while not a firewall a simple router is actually a pretty good stop-gap against any amateur

CompProbSolv: Thanks for the answer, it is the most appropriate out of all.

In reality, how difficult would it be to guess a regular TS password? eg: John000
The same question applies to connecting to wifi physically.

Korbus: Thats clear. However my question relates to gaining access from outside, without help from inside the LAN (such as software to compromise security being accessed by a user on the LAN).

For this purpose, the LAN/Office is unattended - PCs are turned on but not used by anyone.

Thanks. You say: "It is just easier to get a compromised computer than brute attack a network."

What are the most common ways one would attempt to compromise a computer?

Are keyloggers still used, or thats just old technique?

Thanks Korbus, that is good info. Although I would imagine a password such as John000 would be relatively simple to crack using brute force.

For cracking passwords they need to be able to run the possibilities, so if ad locks the account after a number of failed attempts that will prevent this. Realistically you don't have to worry about this as long as there is a lockout and some kind of complexity.

Most common way to compromise a computer is by the user. Have them download a virus through email or a site. That is how RSA was hacked. It isn't worth the time off an attacker to find a vulnerability in the public facing infrastructure instead of getting a user to click on something, most of the time.

Time and time again, users will be the weak point in security. If you were to do a spear fishing attack test, you would probably be shocked by the results. It is always surprising how many people will enter their username and password into a site that looks similar to what they expect.