Misconfiguration
Misconfiguration can create vulnerabilities. Let's see how.
Introduction
Never attribute to malice that which is adequately explained by misconfiguration.
— Zabicki’s Razor (with apologies to Hanlon)
Attackers are opportunistic. They won’t bother with a sophisticated attack where a simple one will do, and seeking out and exploiting misconfigured systems is one of the simplest attacks there is.
We need to develop the capabilities for ongoing monitoring of our systems to make sure we haven’t made the kinds of configuration mistakes that will open the door for easy attacks. The specifics of how you do this will vary significantly depending on the exact technologies you use in your organization. We’ll take a look at some of the most common misconfigurations and some tools to detect them. Even if you don’t use these specific tools, these examples should give you an idea of the kinds of mistakes you’ll want to be able to find.