How to Keep your network safe from Viruses, Malwares and Hackers.

Here are Common Threats to Information Security and Access Control.  Also the Best practices.

  1. DoS/ DDoS – (Denial of Services or Distributable Denial of Services).

This is an attack that disables the service, or makes it unreachable to its users. Distributable denial of services is attack that affects many places at once. The main objective of the DDoS attack is to incapacitate the system or a service in a way that it is difficult to work.

Backdoor Attack  – This is an attack that happens during development of the application system, creation of a program that hinders special access to the program capabilities.

Spoofing – Is active appearance to a system as a communication from attackers actually coming from unknown and untrusted source.

Man-in-The-middle – It is a form active e-strapping in which the attacker makes an independent connection to it victims and relates the message between them making them believe that they are communicating directly to each other over private connection when in fact the entire connection is controlled by the attacker.

A Replay attack – Is a form of network attack in which a valid data transmission is maliciously or virtually repeated or delayed.

DCP Hijacking – Is an attack of unauthorized access to information or services on the computer systems.

Social engineering – Is the attacks of manipulating people and performing actions with ability to disclosing confidential information.

Dumpster diving – Is an attack that is used by the information thieves to get correct data, credit card numbers and other personal information retrieved from what people and companies throw away.

Password guessing – Is a common attack of attempt to guess someone’s legitimate logon credentials.

Brute force Attack – This is where an intruder numerous passwords with hopes that one password will work. It’s a sequential attempt until the correct value is spelled. This type of attack may take a long time since there can be a million possible passwords for a given user account.

Dictionary attack – Here the common passwords are tried to check whether the intruder can get login and gain entry into attacking system. If the intruder was attempting to gain entry using a specific person’s user ID, the next step is try and find out personal information about that person such as First name, surname, year of birth etc., and try combination of these to gain access into the system.

Trojan horse – Is a general term referring to programs that appear desirable, however containing undesirable content. It purports the performance actions that the user wants but secretly performing other potentially malicious actions.

Phishing – The attacker forge e-mail that appear to have originated from a financial institutions or any other high valued institution. The forged e-mails will contain instruction that will direct the recipient to click on a link that the provide information form. The victim will later believe that institution will be help to verify these sensitive credentials but in reality is handing these credentials over to a criminal.

Pharming – Attacker directs traffic to a specific website to a personal website usually where unsuspecting user logs in with the credentials.

Software exploitation – This is where an attacker provides program on the screen a fake login which tricks the user into attempting to log in. The user is asked for the username and password which is stored for the attacker to access at a later time. The user does not know that this is not the usual log on the screen for it looks like the exactly like the logon the screen. A fake error message may appear indicating that the user missed the correct login credentials. At this point the fake logon program access enhances control over to the operating system which prompts the user for a username and password. The user assumes that he mistyped this information and doesn’t give a second thought but an attacker now knows the login credentials.

 Wi-Fi Password Cracking – Is a common process of discovering the password used to protect wireless network. This can be done by social engineering, Brute-force-attack or Network sniffing.

Vulnerability exploitation -This happens where the attackers scan computers to gain information about them. This can be through port scanning or social engineering where the target is to learn as much as possible about the target computer’s; operating system, version and list of services running on it. Finally the attacker looks for any known vulnerable loophole to exploit the system.

SECURITY TECHNOLOGIES PRACTICES

  • Installing Firewall

A firewall can be either software or hardware.

It is a system designed to prevent unauthorized access from entering a private network by blocking unwanted traffic: however, permits only wanted traffic as authorized on the Access Control List (ACL). Firewall is essential to any business with a key objective of keeping the network safe. ACL is a listing of what can access the network through which only allowed ports get permission to penetrate thus denies unlisted ports. Most firewalls come up with the default rule of implicit deny. Here, implicit deny allows only traffic that is listed on the access control list.

But anything else will be implicitly denied.

TWO TYPES OF FIREWALL

Host based firewalls – This is a software firewall. It is installed on the computer to protect it but not the network. Windows 8, 10 and the latest versions of Microsoft operating system came packaged with a host based firewall. This can be accessed through Control panel then, Windows security.

Network based firewall.

This is a combination of software and hardware which operates at a network layer. It is therefore placed between a private network and and the internet to protect entire network from harmful attack before reaching the computer.

TWO WAYS ON HOW FIREWALL INSPECTS TRAFFIC

Stateful: It monitors all the connections and data streams that are passing through. It keeps track record of the previous sessions. It does thorough job of protecting a network dynamically.

Stateless: It doesn’t do a thorough job. It simply uses an Access Control List (ACL) to allow or deny traffic. It doesn’t thoroughly inspect the data packets but only looks at the header section of the data packets. It doesn’t keep track record of the previous data packets.

  • Content filtering.

This is a technology commonly used to filter spam in emails particularly for data based on the contents.

  • Signature identification – This is a technology used to detect viruses that have a well-known behavior pattern. Firewalls are the preferred mechanism to detect this behavior.
  • IDS/IPS (Intrusion detection or Prevention System) – Can be either software or hardware tool used to alert and prevent a network from outside attackers like viruses, malware and hackers.
  • HPPTS (SECURE HYPERTEXT TRANSFER PROTOCOL)

HTTP is a HYPERTEXT TRANSFER PROTOCOL most widely used around the world for viewing web sites and pages on the internet. However, for sensitive data like bank and e-commerce that require passwords and credit card information, it is very important to secure the http by installing a Secure Socket Layer (SSL) which upgrades HTTP to HTTPS adding a secure feature which encrypts data being retrieved on the internet.

  • SSH (Secure Shell)

It protects data from being attacked and stolen during transfer over a network. It is a sure tunnel that is formed around the data being transferred to protect it from potential attackers.

OTHER NETWORK SECURITY PRACTICES

Here are other best practices for access control to ensure the security stays at a satisfied level;

  1. Deny access to systems by undefined users or anonymous accounts.
  2. Limit and monitor the usage of administrator and other powerful accounts.
  3. Suspend / delay access capability after a specific number of unsuccessful logon attempts.
  4. Remove obsolete user accounts as soon as the user leaves the organization.
  5. Suspend inactive accounts after 30 to 60 days.
  6. Enforce strict access criteria.
  7. Enforce to need-to-know the and least-privilege practices.
  8. Disable unnecessary system features, services, and ports.
  9. Replace default password setting on accounts
  10. Limit and monitor global access rules.
  11. Ensure logon IDs are non-descriptive of job functions.
  12. Remove redundant resource rules from accounts and group membership
  13. Remove redundant IDs, accounts, and role-based accounts from resource access lists.
  14. Enforce password rotation
  15. Enforce strong password requirements
  16. Audit systems, user events, actions, and review reports periodically
  17. Protect audit logs

Thank you for reading.

Donate?

54 Replies to “How to Keep your network safe from Viruses, Malwares and Hackers.”

  1. Mastering the art of blackjack may make this dream turn into a reality. The deposit needs to be coming from a debit card with your name (hardly any other deposit methods qualify, such as Moneybookers or another e-wallets). Important: The proportions between the back bet and the lay bet are different on this occasion, even as we are employing the free bet and never our own money.

  2. I’m really enjoying the theme/design of your blog.
    Do you ever run into any browser compatibility issues?
    A couple of my blog audience have complained about my website not operating correctly in Explorer but looks
    great in Safari. Do you have any recommendations to help
    fix this issue?

  3. Woah! I’m really digging the template/theme
    of this site. It’s simple, yet effective. A lot
    of times it’s challenging to get that “perfect balance” between user friendliness and visual
    appearance. I must say you’ve done a awesome job with
    this. In addition, the blog loads extremely fast for me on Firefox.
    Exceptional Blog!

  4. My partner and I stumbled over here by a different
    page and thought I might as well check things out.
    I like what I see so now i’m following you. Look forward to looking over your web
    page for a second time.

  5. Greetings! This is my first comment here so I just wanted
    to give a quick shout out and tell you I really enjoy reading your
    articles. Can you recommend any other blogs/websites/forums that deal with the same topics?
    Thank you so much!

  6. Having read this I believed it was really informative.
    I appreciate you spending some time and effort to put this information together.
    I once again find myself personally spending way too much time both reading
    and leaving comments. But so what, it was still worthwhile!

  7. Hmm it appears like your blog ate my first comment (it was extremely long) so I guess I’ll just
    sum it up what I wrote and say, I’m thoroughly enjoying your blog.
    I too am an aspiring blog blogger but I’m still new to the whole thing.
    Do you have any recommendations for rookie blog writers?

    I’d really appreciate it.

  8. I am curious to find out what blog system you are utilizing?
    I’m having some minor security issues with my latest blog and I’d like to find something more risk-free.
    Do you have any recommendations?

  9. Hi! This post could not be written any better!

    Reading this post reminds me of my previous room mate! He always kept
    talking about this. I will forward this write-up to him.
    Fairly certain he will have a good read. Thank you for sharing!

  10. We’re a group of volunteers and starting a brand new scheme in our community.

    Your web site offered us with valuable info to work on. You’ve performed an impressive activity and our
    whole neighborhood will probably be grateful to you.

  11. I simply could not go away your website prior to suggesting that I
    extremely loved the usual information an individual provide for your guests?

    Is gonna be back continuously to check out new posts

  12. Hey there I am so happy I found your webpage, I really found you by
    mistake, while I was researching on Digg for something else, Nonetheless I am
    here now and would just like to say cheers for a remarkable post and a all round exciting blog (I also love the theme/design), I don’t have time to
    read it all at the moment but I have book-marked it and also added in your RSS feeds,
    so when I have time I will be back to read much more, Please do
    keep up the fantastic jo.

  13. Pretty element of content. I just stumbled upon your site and in accession capital to say that I get in fact enjoyed account your weblog posts.
    Any way I’ll be subscribing in your feeds or
    even I fulfillment you get entry to consistently quickly.

  14. Hey I know this is off topic but I was wondering if you knew of any widgets I could add to
    my blog that automatically tweet my newest twitter updates.

    I’ve been looking for a plug-in like this for quite some time and was hoping maybe you would have some
    experience with something like this. Please let me know if you run into anything.
    I truly enjoy reading your blog and I look forward to your new updates.

  15. Right now it appears like Expression Engine is the best blogging platform available right now.
    (from what I’ve read) Is that what you’re using on your
    blog?

  16. Hey There. I found your blog using msn. This is
    a really well written article. I will make sure to
    bookmark it and return to read more of your useful information. Thanks for the post.
    I’ll certainly return.

  17. We’re a bunch of volunteers and starting a brand new scheme
    in our community. Your site offered us with useful information to
    work on. You’ve done an impressive job and our entire community will likely be thankful to you.

  18. Hey There. I found your blog using msn. This is an extremely well written article.

    I will be sure to bookmark it and return to read more of
    your useful information. Thanks for the post. I’ll definitely return.

  19. Thank you for sharing your thoughts. I really appreciate your efforts and I will be
    waiting for your further write ups thank you once again.

  20. Spot on with this write-up, I seriously believe that this site needs a lot more attention. I’ll probably be returning to
    read more, thanks for the advice!

  21. Have you ever thought about writing an e-book or guest authoring
    on other websites? I have a blog based upon on the same
    ideas you discuss and would love to have you share some stories/information. I know my readers would
    enjoy your work. If you are even remotely interested,
    feel free to send me an e mail.

  22. Yesterday, while I was at work, my sister stole my
    iphone and tested to see if it can survive a forty foot drop, just so
    she can be a youtube sensation. My apple ipad is now
    broken and she has 83 views. I know this
    is completely off topic but I had to share it with someone!

  23. I’m not sure exactly why but this site is loading incredibly
    slow for me. Is anyone else having this problem or is it
    a issue on my end? I’ll check back later and see if the problem still exists.

  24. naturally like your web-site however you have to check the spelling on several of your posts.
    A number of them are rife with spelling issues and I find it very troublesome to inform the truth on the other hand I will certainly
    come back again.

  25. Heya this is somewhat of off topic but I was wanting to know if blogs use WYSIWYG editors
    or if you have to manually code with HTML.
    I’m starting a blog soon but have no coding knowledge so I wanted to get advice from someone with experience.

    Any help would be greatly appreciated!

Leave a Reply

Your email address will not be published. Required fields are marked *