I Think Our Internet Connection is Down

Too often, managerial staff of small sized businesses does not take security seriously. Common statements range from 'We don't have data of any value' 'We're too small for anyone to bother with' 'Our competitors wouldn't do something like that' to 'We don't have any proprietary information to protect'. The problem seems to stem from a misunderstanding of how their resources could be violated and used. A common misconception is that hackers only go after the 'big fish'. Not much thought is given to the idea that their resources may be used for things other than launching a nuclear missile. The following is a 'case analysis' of a real incident that was uncovered while trying to assist a small company with a supposed 'down' Internet connection. The particular organization published a few specialized magazines and did not have a full time trained technical staff. The environment consisted of 3 servers one of which was a multi-homed system running MS Proxy Server (This requires Internet Information Server) that was also configured as a Backup Domain Controller (BDC). The connection to the Internet was provided by a small ILEC that utilized a device that had routing capabilities to provide the connection to the Public Network.