Telegram channel: https://t.me/protectioninformation
Telegram Group: https://t.me/informationprotection1
Website: https://legascom.ru
Email: online@legascom.ru
The conversation reveals that the network uses a "zoo" of solutions. Some branches use software firewalls based on Linux and iptables. The branches use unmanaged switches. The domain is the same for all branches, and the domain level is Windows 2003. The branches have domain controllers (DCs) installed. Therefore, all domain controllers are equal, and the branch network, which is less secure, can be hacked. It was also revealed that there is currently no centralized event monitoring and that the company is only preparing to implement ArcSight. The number of workstations in the branches was also clarified.
To top it all off, the head of the IT department complained that many branches lack system administrators and that one of the accountants or managers is responsible for maintaining the existing systems. From this, we can conclude that the level of technical literacy in the branches is much lower and the attack will be much easier to carry out.
By the way, many IT department heads like to give prospective employees a tour of the server room. Interviews are also often conducted in the same rooms where the IT specialists sit. Very often, network diagrams with IP addressing hang on the walls of such rooms. In the half hour that an interview usually lasts, a professional will memorize such a diagram.
Among other things, after the conversation the attacker will have the contact details of the people he talked to. These can come from business cards or from the letter inviting him to the interview. The more names there are, the more additional information an attacker can collect.
Information about these specialists can be searched for on the Internet, or more precisely on social networks. For example, many specialists post their resumes on LinkedIn, describing their professional activities. After reviewing such resumes, an attacker will get a more accurate idea of which technologies a given specialist knows best. For example, if Linux is used for the firewalls on the network and all of the company's administrators are Windows specialists, then we can assume that iptables is not configured in the best way.
In general, social media is a great evil. People write dossiers on themselves with their own hands and put them out for everyone to see.