If you are someone who works in the computer industry then you probably know what a server is and all of the things that it can do. If you are someone who is not in the computer industry then there is a good chance that you have heard of a server before but you may not know what it is. The word server gets thrown around all of the time. You will hear it on the TV and you will see it talked about on some of the web sites that you might visit. This is especially true when the web site is down and the people who visit the site want to know why.
For the people who are uninitiated, a server is the computer which host a web site or any files on what is known as the internet. There are all different types of servers out there. Some of the servers out there host, like we said earlier, web sites for the internet but other servers will just host files. These are known as FTP servers. There are other servers out there that are use just for the purpose of serving email to people. These are known as email servers. The most famous email server is the one known as the Exchange server that it is sold by Microsoft. There is even server software out there that will allow you to host a server on your own computer. Like we said there are all different types of servers out there and if any of them are unprotected then they are ripped to be taken down by one of the many black hat hackers on the web.
One of the attacks that the bad guys like to do is spoofing a server that is on the internet. It doesn’t matter what type of server it is; along as there are people who go to the server that trust it. Once you are on the spoofed server then the bad guys can do whatever they want to do on your computer. All that matters is that they are able to get the data that they are looking for. Once they do then they will either keep you on the spoofed server or they will really connect you to the real server that you were trying to connect to the whole time.
There was an example at the latest Blackhat conference of how dangerous a spoof server can be. The server would collect anyone with a smartphone who was trying to connect to a certain Exchange server. They thought that they were connecting to the server but instead they were actually connecting to the spoofed server. Once they did that the attacker was able to take any information that he wanted to from the phone and then set the phones back to the original factory settings. And this all happened while the phones needed to be signed with a digital security certificate.
This goes to prove once again that if the bad guys are trying hard enough then they will be able to get on your devices. Even with the proper security settings a motivated bad guy will be able to get in. This is why you have to be sure that you do all that you can to make the job of the bad guy that much harder.