Network edge devices: border routers with their admin interfaces open, so people can manage them from home, but so can anyone else
Networked printers/copiers: have IP addresses without VLANs, making them a convenient and undefended jumping-off point to the whole network.
Web servers and Web applications: With Web servers sitting off the firewall in a demilitarized zone (DMZ), they can often be the ideal gateways to internal company processes. Web servers without patches and passwords are common. Three-quarters of hacker attacks are on Web servers since that’s what’s out there. This is particularly dangerous with the proliferation of Web applications. Attacks have typically moved up into the application layer, and that’s one of the hardest things to protect against because there are no one-size-fits-all solutions. The danger, of course, is that Web applications typically connect attackers into your databases, and that can be a huge problem.
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.