IT Security - Denial of Service (DoS) Countermeasure


Denial of Service (DoS) is an activity performed by a hacker if he is very upset and cannot get inside your computer or network, and all he wants to do is bring your internet services to their knees.


Some hackers attack other "weak" computers or networks. Once they are inside those "weak" computers or networks, they can control them. These "weak" computers or networks become the hacker's "zombies".

Now, the hacker will use his "zombies" to send packets to your computer or network all at the same time to bring your internet services to their knees. This is called Distributed Denial of Service (DDoS).

To prevent this from happening, do the following:

1. Install a Firewall. We suggest a "hardware-based" firewall or a separate appliance for corporate networks. You may install a "software-based" firewall such as BlackIce or Zone Alarm on desktops and laptops.

2. Install an AntiVirus with the latest updates from the vendor.

3. Install eSafe and BackOfficer to counter Back Orifice.

4. Do not launch executable content found on the internet.

5. For corporate networks, hire a Penetration Test expert to identify the specific vulnerabilities of your network. MITXpress Solutions offers Pen Test Seminars and Trainings.

IT Security - Backdoor Countermeasure

Backdoors are programs that a hacker installs on your computer once he has gained access to your machine. Most backdoors CANNOT be detected by an AntiVirus. Once your computer has been hacked, ALWAYS assume that it has "hidden" backdoors installed in it. The best way to deal with this is to install an anti-rootkit program or a backdoor scanner. Otherwise, re-format your hard drive and re-install your operating system.

To protect your computer from these backdoor programs, just do the following:

1. Always update your Windows OS (Start --> Windows Update)

2. Install an AntiVirus and "always get the latest update".

3. Install a Trojan Defense Suite. We recommend the one from MultiMania.com

4. Check to see if your computer is under attack.
How?

Start --> Run --> type "cmd"

C:\>netstat -a

If you see that many connections are in the SYN_RECV state, then most probably you are under attack!
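The check above can be scripted so that "many" becomes a number per local port. The following is an added example, not part of the original page: it counts half-open connections in `netstat -an` output (the `-n` switch keeps ports numeric) and accepts both `SYN_RECV`, as Linux prints it, and `SYN_RECEIVED`, as Windows prints it. The sample output, the function names and the threshold of 4 are assumptions made for illustration.

```python
from collections import Counter

# Constructed sample of `netstat -an` output: Windows-style rows plus one
# Linux-style row. Addresses come from documentation ranges.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    192.0.2.10:80          198.51.100.7:50112     SYN_RECEIVED
  TCP    192.0.2.10:80          198.51.100.8:50113     SYN_RECEIVED
  TCP    192.0.2.10:80          203.0.113.9:41000      SYN_RECEIVED
  TCP    192.0.2.10:80          203.0.113.20:41001     ESTABLISHED
  TCP    192.0.2.10:3389        198.51.100.7:50200     SYN_RECEIVED
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
tcp        0      0 192.0.2.10:80      203.0.113.77:6000   SYN_RECV
"""

# The same TCP state under its Linux and Windows display names.
HALF_OPEN = {"SYN_RECV", "SYN_RECEIVED"}


def half_open_by_port(netstat_text):
    """Return {local_port: (half_open_count, distinct_remote_hosts)}."""
    counts, remotes = Counter(), {}
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0].lower() not in ("tcp", "tcp6"):
            continue
        if fields[-1] not in HALF_OPEN:
            continue
        # In both layouts the last three columns are local, remote, state.
        port = fields[-3].rsplit(":", 1)[-1]
        if not port.isdigit():  # service name printed because -n was omitted
            continue
        counts[int(port)] += 1
        remotes.setdefault(int(port), set()).add(fields[-2].rsplit(":", 1)[0])
    return {p: (n, len(remotes[p])) for p, n in counts.items()}


def suspected_syn_flood(netstat_text, threshold=4):
    """Local ports whose half-open count reaches the (assumed) threshold."""
    stats = half_open_by_port(netstat_text)
    return sorted(p for p, (n, _) in stats.items() if n >= threshold)


if __name__ == "__main__":
    for port, (n, hosts) in sorted(half_open_by_port(SAMPLE).items()):
        print(f"port {port}: {n} half-open from {hosts} remote host(s)")
    print("over threshold:", suspected_syn_flood(SAMPLE))
```

A sensible threshold depends on the server's normal load, so compare against a baseline taken when the machine is healthy.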

IT Security - Port Scanning Countermeasure

To avoid or at least lessen the risk of your computer or system being scanned by known scanners, do the following:

1. Install a Firewall. We recommend BlackIce from NetworkIce.com or Zone Alarm from ZoneLabs.com

2. Install an AntiVirus. We recommend Kaspersky, NOD32, Avast, eScan, and AVG

3. Install these two (2) software programs to protect the sensitive ports: Snort from Snort.org and Tiny Software from TinySoftware.com

4. Disable SNMP

5. Block the ICMP (e.g. ping)

6. Block all ports that are NOT needed. But if you need to open some of the ports, just make sure that you BLOCK the following PORTS:

135 to 159, 256 to 258, 389, 445, 1080, 1745, and 3268
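To audit a Windows host against the port list in step 6, the list can be expanded and compared with what the machine is actually listening on. The following is an added example, not part of the original page: the `netstat -an` sample is constructed, the function names are hypothetical, and skipping services bound only to loopback is an assumption (they are not reachable from the network).

```python
import re

# Block list exactly as written in step 6 above.
BLOCK_SPEC = "135 to 159, 256 to 258, 389, 445, 1080, 1745, and 3268"

# Constructed sample of Windows `netstat -an` output for the host to audit.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1080         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:139         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:49200       198.51.100.7:445       ESTABLISHED
  UDP    0.0.0.0:137            *:*
  UDP    0.0.0.0:500            *:*
"""


def parse_ports(spec):
    """Expand 'A to B' ranges and single port numbers into a set of ints."""
    ports = set()
    for lo, hi in re.findall(r"(\d+)(?:\s*to\s*(\d+))?", spec):
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports


def exposed_blocked_ports(netstat_text, blocked):
    """Sorted (proto, port) pairs bound on a non-loopback address
    whose port number is on the block list."""
    hits = set()
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 3 or f[0] not in ("TCP", "UDP"):
            continue
        if f[0] == "TCP" and f[-1] != "LISTENING":
            continue  # outbound or established sessions are not open ports
        addr, _, port = f[1].rpartition(":")
        if addr.startswith("127.") or addr == "[::1]" or not port.isdigit():
            continue  # assumption: loopback-only services are not exposed
        if int(port) in blocked:
            hits.add((f[0], int(port)))
    return sorted(hits)


if __name__ == "__main__":
    for proto, port in exposed_blocked_ports(SAMPLE, parse_ports(BLOCK_SPEC)):
        print(f"{proto} {port} is open but is on the block list")
```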

IT Security - Console Hacking Countermeasure

With Console Hacking, the attacker (your friend, schoolmate, officemate, housemate, etc.) has "physical" access to your computer or PC. If you want to protect your PC while you're away from your desk, do the following:

1. Set the BIOS password.

2. Set the "screensaver" password.

3. Disable the floppy disk drive, DVD/CD drive, and other removable disk drives.

4. Always update your Microsoft Windows OS and keep up to date with all the recent service packs from Microsoft.

IT Security - Prevent Cisco Router Leakage


One of the issues we encounter with Cisco routers is the "leakage" that attackers use to compromise the router. To avoid it, we suggest that you do the following:

1. Block TCP/UDP ports 69, 79, 161, 256, 257, 258, 520, 1080, 1745, 1999, 9001

2. Use static routing "only"

3. Avoid using RIP; use OSPF instead

4. Always use "service password-encryption"

5. Block responding to IP unreachable messages

IT Security - General Security Practices


A. Install Antivirus Software

- You may purchase or download a free or limited edition of Antivirus from trusted vendors such as Kaspersky, eScan, Avast, etc. Just make sure that you have the "latest updates" of your Antivirus, so always visit the website of your Antivirus software to get the latest updates. I personally update my Antivirus every day!

B. Perform Regular Backups

- Don't trust any Antivirus or other software to give you a 100% guarantee that viruses and other malicious programs will not harm your computer once it is installed. At worst, these viruses might delete all your files or even crash your whole system. So, I suggest that you always back up ALL your files to another hard disk or computer, to CD/DVD, and to other external storage devices such as flash drives or external hard drives.

C. Use Strong Passwords

- Whenever you create an account (e-mail, blog, social networking, etc.) with your computer, just make sure you use a strong password. A lot of software can be used to easily "crack" your password and access your account then compromise it. Honestly, I use software to "crack" passwords to test the vulnerability of the computer and network as part of my job. I found it hard to crack the password if you follow these guidelines:

1. Use at least 8 characters.
2. Don't use any word that can be found in a dictionary.
3. Use a mixture of upper and lowercase letters.
4. Use at least 1 number and at least 1 nonalphanumeric character (e.g. @, &, %, ?, >)


D. Install Patches and Security Updates

- Before you do this, please back up all your files first, because patches sometimes break functionality that you need. Then, go to Start --> Windows Update (for Microsoft Windows users). You can get all the latest updates from Microsoft if you purchase a licensed copy of their operating system.

E. Install a Firewall 

- You may purchase a hardware or a software version of a firewall. A firewall is used to block certain types of programs or applications from accessing your network or computer and vice versa. But remember, a firewall cannot block a virus. It can only block a program or website that contains a virus or malicious program. Once a program is already inside your network or computer, a firewall can do nothing about it. Use an Antivirus instead. Good software-based personal firewalls that I use are ZoneAlarm, BlackICE, Kerio, McAfee, Norton, etc. You may download them directly from their websites. Just "google" them.

IT Security - Securing Your Windows XP


Here are the steps that I recommend to secure your Microsoft Windows XP.

Basic:

1. Install the latest Service Pack by running Windows Update.

Start --> Windows Update

2. Disable the Guest account in your computer.

Start --> Settings --> Control Panel --> User Accounts --> Guest

3. Create a Password for your account.

Start --> Settings --> Control Panel --> User Accounts --> “Your Account” --> Create a password

4. Always enable the built-in Firewall.

My Network Places --> right-click then Properties --> Local Area Connection --> right-click then Properties --> Advanced --> Windows Firewall --> Settings --> ON

5. Install an Antivirus and Spyware Removal.

My Favorites: Kaspersky, eScan, Avast, NOD32, AVG


A little Techie (a little advanced?)

1. Put a PASSWORD on your BIOS.

2. Make your hard drive NTFS.

3. Change the boot order to boot first to hard drive after you install an Operating System.

4. Always use a licensed and original copy of the Microsoft Windows Operating System to get the latest Security Patches from Microsoft. Some technicians could convert a pirated Windows OS to a genuine one (I don't recommend it and it's illegal).

5. Learn how hackers attack your computer and network and how you can prevent them. Please contact MITXpress Solutions (http://www.mitxpress.blogspot.com) for IT Security Seminars and other IT-related seminars.