Information Security News
One of our daily tasks is to assess and improve the security of our customers or colleagues. To achieve this use security tools (linked to processes). With the time, we are all building our personal toolbox with our favourite tools.Yesterday, I read an interesting blog article about extracting saved credentials from a compromised Nessus system. This in indeed a nice target forthe bad guy! Why?
Such security tools deployed inside a network have interesting characteristics:
The first blog article reminded me other bad stories with security products:
And the same remains valid also with monitoring tools like Nagios.
The security of security/monitoring tools must be addressed like any other regular asset. Access to them must be restricted, logged and they must be installed with least privileges. But hats what you already do, right?
Xavier Mertens (@xme)
ISC Handler - Freelance Security Consultant