The Central Texas IT Guy

Web Development Austin, SEO Austin, Austin Search Engine Marketing, Internet Marketing Austin, Web Design Austin, Roundrock Web Design, IT Support Central Texas, Social Media Central Texas

Category: Security Page 19 of 75

Protecting Your Computer Network: Tips To Configure Firewall

By

On April 30, 2021

In Security

Firewall is a critical part of first line of defense against online attacks. This makes configuring firewall an important step for ensuring network security. Breaking down the process of firewall configuration into simpler steps can make the process more manageable.

Following are some crucial steps for firewall configuration irrespective of the firewall platform:

Ensure Firewall Is Secure: Securing firewall is the first step towards configuration and management of firewall. So, make sure to –

  • Disable simple network management protocol (SNMP)
  • Rename, disable or delete any default user account and modify default passwords.
  • Establish additional administrator accounts based on responsibilities, specifically if firewall will be managed by multiple administrators.

Create Firewall Zones & Corresponding IP Addresses: The more zones you establish, the higher will be network security. Before proceeding to defend valuable assets, it is first important to identify these assets and then plan out network structure to position networks based on functionality and data sensitivity. Now design a secure structure and create equivalent IP address structure. The next step is to architect firewall zones and allocate them to firewall interfaces.

Configure Access Control Lists (ACLs): After firewall zones have been created and allocated to firewall interfaces, the next step is to determine the traffic that will flow in and out of each zone. This is facilitated by Access Control Lists. Use both outbound & inbound ACLs to each interface and sub-interface on the network firewall.

Configure Other Firewall Services To Required Standards: Depending upon the chosen firewall platform and its abilities such as Intrusion Prevention System, Network Time Protocol, DHCP, etc, configure relevant firewall services and disable additional services.

Conduct Network Firewall Configuration Tests: Test the firewall configuration to testing and verify that the firewall is working as expected. Include both penetration testing and vulnerability scanning to test firewall configuration.

Constant Firewall Management: After completing firewall configuration, ensure secure firewall management. Take following steps to effectively manage firewall –

  • Perform Vulnerability Scans
  • Monitor Logs
  • Regularly Review Firewall Rules
  • Update Firmware
  • Document Progress

In addition to these crucial steps, implement following additional tips for firewall configuration:

  • Fulfill standard regulatory mandates
  • Frequently change configuration settings
  • Set default setting to block all traffic and monitor user access
  • Establish & use secure connection only

For more information on tips on how to protect your computer network from cyber-attacks, contact Centex Technologies at (254) 213 – 4740.

Understanding Network Security Threats

By

On April 29, 2021

In Security

What Is A Network Security Attack?

A network security attack is an action or attempt aimed at gaining unauthorized access to an organization’s network. The objective of these attacks is to steal data or perform other malicious activity. Network attacks can be classified into two main types:

  • Passive Attack: In this type of attacks, attackers gain access to the organization’s network and monitor or steal data but without making any change to the data.
  • Active Attack: In an active attack, attackers not only gain unauthorized access to the data but also modify data by deleting, encrypting, or otherwise harming it.

The main focus of network security attackers is to bypass peripheral security of an organization and gain access to internal systems. But in some cases, attackers may combine other types of attacks such as endpoint compromise, malware induction, etc.

What Are Common Network Security Threats?

The types of network security threats are defined by the threat vectors used by the network security attackers to penetrate the network:

  • Unauthorized Access: The attackers gain access to the network without receiving legitimate permission. Some causes of unauthorized access are weak passwords, insufficient protection against social engineering, compromised accounts, and insider threats.
  • Distributed Denial of Service Attacks: Attacks build a network of bots and compromised devices to direct false traffic at the organization’s network or server. This overwhelms the server resulting in interruption of security layers.
  • Man In The Middle Attack: It involves interception of traffic between organization’s network and external sites. If the communication is insecure, attackers can circumvent the security and steal the data being transmitted.
  • Code & SQL Injection Attacks: Many websites accept user inputs through forms but do not sanitize them. Attackers fill out these forms or make an API call, passing malicious code instead of expected data values. Once the code is executed, it allows attackers to compromise the network.

What Are The Best Practices To Stay Protected Against Network Security Threats?

Following are some best practices to stay protected against network security threats:

  • Segregate the organization’s network
  • Regulate internet access via proxy server
  • Place security devices correctly
  • Use network address translation
  • Monitor network traffic
  • Use deception technology

For more information on things to know about network security threats, contact Centex Technologies at (254) 213 – 4740.

Comprehensive Guide To MITM Attack

By

On April 26, 2021

In Security

PDF Version: Comprehensive-Guide-To-MITM-Attack

Emerging Cyber Security Threats

By

On March 30, 2021

In Security

2020 has witnessed a great change in the work environment of organizations with an increase in number of remote and work from home employees. This change in dynamics has paved way for new cyber security threats along with re-emergence of some old threats.

Here is a list of emerging cyber security threats that organizations should be aware of in order to stay protected:

  • Work-From-Home Attacks: Cyber security attacks on work-from-home or remote employees are not new but the frequency and extent of such attacks has increased many folds with the new work culture. Cyber criminals are targeting multiple and insecure home networks at same time to launch wide spread breach of critical systems and services. AN effective way to solve this problem is to effectively use Identity & Access Management Tools that are capable of analyzing user activity, resource requests, and corporate connectivity behavior.
  • Brute Force Attacks: Brute force attacks have resurfaced as cyber criminals are recognizing the potential of DDOS attacks. Hackers are making use of simple services delivery protocol (SSDP) and simple network management protocol (SNMP) to launch large number of Distributed Denial Of Service attacks. Use of botnet swarms has enable hackers to amplify IP requests to overwhelm organizational networks leading to slower response time. SNMP attacks can cause more damage as the protocol connects and manages common corporate devices, such as modems, printers, routers and servers. Compromised SNMP help attackers in bypassing firewalls which exposes all corporate services to risk.
  • Fileless Frameworks: Fileless malware and ransomware attacks are designed to bypass common detection controls and infiltrating key systems by using legitimate platforms or software tools that already exist within corporate networks. This allows hackers to get past common detection methods that scan for malicious files. Use of existing system tools does away with the need for cyber criminals to design an attack framework which decreases the time required for malware development.
  • Front Line Phishing: One of the biggest news of 2021 is COVID-19 vaccine. People are extensively searching online to know more information about the vaccine such as current state of the disease, when will the vaccine be given out, who has been approved to get the vaccine, etc. Thus, organizations and individuals should be prepared for phishing attacks fabricated around this topic. Cyber criminals are using COVID-19 vaccine information links as phishing baits in their emails or messages to lure users.

For more information on cyber security threats, contact Centex Technologies at (254) 213 – 4740.

Malware: Types, Detection & Prevention

By

On March 26, 2021

In Security

The word ‘Malware’ is derived from the amalgamation of words malicious and software. It is a type of software that is particularly designed with the sole purpose of harming a target computer system by stealing data or causing disruption. In order to stay protected against malware, companies need to use specific anti-malware programs. But before choosing the correct anti-malware system, it is imperative to know about different types of malware.

Following are some common malware types:

  • Virus: A computer virus is malicious code that has the ability to copy itself and spread to other files and folders. The code attaches itself to legitimate executable programs resent in the target system and launch when the program is executed. Some of the harmful functions performed by viruses are modifying or corrupting files, copying data, disrupting software functions, etc. As the virus is self-replicating, it is difficult to completely remove the virus completely.
  • Worms: Worms are self-replicating and infect computers through vulnerabilities in the operating systems. Most worms are designed to consume lot of bandwidth and overload the servers. However, small number of worms can modify the existing files. Worms are used by the hackers to deliver payloads in target systems which are then launched to steal data, corrupt files, etc.
  • Bot: An internet bot is an application designed to perform automatic functions. Hackers can engineer bots to infect computers and perform large scale DDOS attacks. The bots are programmed to infect multiple computer systems and form a botnet to over-flood the server with a large number of requests. Bots are also used to cause inconveniences like spamming and repetitively showing certain advertisements.
  • Ransomware: Ransomware is a malicious software that completely locks the infected system until the user pays a ransom. Ransomware spreads like a worm across a network and has the ability to infect the network of an organization within hours. Some ransomware software do not lock the entire system, but encrypt critical data files. The users are asked to pay a ransom in exchange of decryption key.
  • Spyware: It is a software that lies undetected in the target system. It’s purpose is to collect information on user activity and send it to the hacker’s server. This is done by monitoring usage, logging keystrokes, stealing user passwords, etc.
  • Trojans: A Trojan is a malicious software that is designed to appear as a common, harmless attachment or downloadable file that may not be detected as harmful by the antivirus system. However, once downloaded, the software executes itself and causes damage such as stealing data, erasing or modifying files, altering system configuration, etc.

Detection Of Malware:

Some common signs that indicate presence of malware are:

  • Slowing down of systems
  • Reduced browsing speed
  • Recurrent freezing of systems
  • Modification of files
  • Altered system settings
  • Missing files
  • Random appearance of new files or applications

Prevention Of Malware:

  • Use reliable & authentic anti-virus
  • Conduct regular scans
  • Do not use pirated software
  • Don’t open attachments from unknown sources

For more information on types, detection and prevention of malware, contact Centex Technologies at (254) 213 – 4740.

© Copyright 2022 The Centex IT Guy. Developed by Centex Technologies
Entries (RSS) and Comments (RSS)