Search

Defense against Network Attack

The following tips will help you to keep your network secure against unauthorized monitoring and network attacks.

Configuration Management

The main weapon in network attack defence is tight configuration management. The following measures should be strictly implemented as part of configuration management.

• If the machines in your network should be running up-to-date copies of the operating system and they are immediately updated whenever a new service pack or patch is released.

• All your configuration files in your Operating Systems or Applications should have enough security.

• All the default passwords in your Operating Systems or Applications should be changed after the installation.

• You should implement tight security for root/Administrator passwords.

Firewalls

Another weapon for defense against network attack is Firewall. Firewall is a device and/or a sotware that stands between a local network and the Internet, and filters traffic that might be harmful. Firewalls can be classified in to four based on whether they filter at the IP packet level, at the TCP session level, at the application level or hybrid.

1. Packet Filtering: Packet filtering firewalls are functioning at the IP packet level. Packet filtering firewalls filters packets based on addresses and port number. Packet filtering firewalls can be used as a weapon in network attack defense against Denial of Service (DoS) attacks and IP Spoofing attacks.

2. Circuit Gateways: Circuit gateways firewalls operate at the transport layer, which means that they can reassemble, examine or block all the packets in a TCP or UDP connection. Circuit gateway firewalls can also Virtual Private Network (VPN) over the Internet by doing encryption from firewall to firewall.

3. Application Proxies: Application proxy-based firewalls function at the application level. At this level, you can block or control traffic generated by applications. Application Proxies can provide very comprehensive protection against a wide range of threats.

4. Hybrid: A hybrid firewall may consist of a pocket filtering combined with an application proxy firewall, or a circuit gateway combined with an application proxy firewall.

Encryption

Encryption is another great weapon used in defense against network attacks. Click the following link to get a basic idea of encryption.

Encryption can provide protection against eavesdropping and sniffer attacks. Private Key Infrastructure (PKI) Technologies, Internet Protocol Security (IPSec), and Virtual Private Networks (VPN) when implemented properly, can secure you network against network attacks.

Other tips for defense against network attack are

• Privilege escalation at different levels and strict password policies

• Tight physical security for all your machines, especially servers.

• Tight physical security and isolation for your back up data.


Related Tutorials