Uh-oh. This is pretty worrying.
According to a Wired report, sensitive details about the New York Stock Exchange’s network was left unprotected on a public server visible for anyone in the world to view.
Information, including the names of servers, IP addresses, log histories, hardware and software details, and configuration information was all found on a public FTP server maintained by EMC. The data even included details of which patches had not yet been installed on the NYSE network.
The worry is that a hacker could use the sensitive information to piece together details of the stock exchange’s network architecture, and use it to pinpoint where vulnerabilities might lie.
For their part, EMC has been keen to debunk the security problem. Wired quotes a spokesman as saying that they have discussed the situation with the NYSE, adding “We’re confident that the information exchanged on…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.