46 Chapter 2 ■ System Fundamentals
As you can see, there are layers of protection to keep unauthorized visitors from perus-
ing the internal network. A layered defense applies multiple levels (layers) of defensive road-
blocks in hopes a hacker will get stuck midstream. Not all organizations have the funds to
install such a solution, nor do they have personnel on hand properly trained to stay up to
date and configure the protective appliances properly. A $10,000 firewall is only as good as
the administrator maintaining it. Additionally, as ethical hackers we can rely on a wonder-
ful variable for vulnerability generation: our beloved users.Knowing Operating Systems
We’ll say more about operating systems when we discuss scanning and enumeration, but
for now we are interested in laying out the fundamentals of each of the common OSs on
the market today. Remember Achilles from Greek mythology? The hero who got shot in the
heel and died because of it? Granted, this is an oversimplification of the total story, but the
point is when attacking or pen testing a client’s network you must find the Achilles heel.
We are not necessarily going to continually hammer away at a world-class firewall solu-
tion, or attempt to attack a back-end database server directly. We are going to find that one
unpatched client system or web server running an antiquated Internet Information Services
(IIS) version. What does all this banter have to do with operating systems? Operating sys-
tems offer some common vulnerabilities if not configured properly by the administrator,
and as surprising as it may seem, quite a few organizations are running a fresh-out-of-the-
box copy of an OS.Windows
Although there are many different operating systems, in all likelihood it will be a flavor of
Microsoft’s Windows OS that you will test against. There are other OSs in the wild that
have a certain amount of enterprise market presence, but Microsoft still has a massive foot-
hold on the OS market. By the end of 2013, Windows was the installed OS of choice for
over 90 percent of the market. That’s a pretty big target! Let’s take a look at some common
vulnerabilities of this market dominator:
■ Patches, patches, and more patches. Microsoft, being an OS juggernaut, constantly
compiles and distributes patches and service packs for their operating systems. But
those patches may not get installed on the systems that need them most. As strange as
it may seem, constant updating may in itself become a problem. It is not uncommon for
a patch or update to be applied and introduce other problems that may be worse than
the original.
■ Major version releases and support termination impact Windows products. Yes, I have
friends who still love their Windows 98 machines. What this translates into is a system
with multiple vulnerabilities simply due to age, especially if that system is no longer
supported by the manufacturer.