Wardialing

            123- Wardialing is used to gain unauthorized access to a remote network server.

            124- Attackers  use  wardialing  software  to  dial  several  telephone  numbers  to  search for  a
            server that responds.

            125- If  any  remote  access  server  responds,  the  attacker  can  penetrate  into  the  corporate

            network.



            Dumpster diving
            126- Dumpster  diving  refers  to  searching  the  trash  to  get  information  from  personal or

            corporate waste.
            127- Printed papers containing information should be shredded to prevent leaking information

            to dumpster divers.



            Social engineering

            128- Social engineering is the process of getting personal information by taking someone into
            confidence.

            129- Information can be collected face-to-face, over the phone, or over the Internet.
            130- The  person  becomes  a  victim  by  trusting  someone  and  reveals  personal  or corporate

            information.

            131- It results in phishing attacks.



            Disabling nonessential services and protocols

            132- Several services and protocols are installed by default when an OS is installed.
            133- Nonessential  services  or  protocols  are  vulnerable  to  external  attacks  if  not correctly

            configured.
            134- These services and protocols should be disabled or removed.

            135- Service dependencies should be checked before services are disabled.















                   www.hrnikkhah.com                        by :  Hamid  Reza  Nikkhah                 Page 8