Online Test Banks
Score higher
See Online Test Banks
eLearning
Learning anything is easy
Browse Online Courses
Mobile Apps
Learning on the go
Explore Mobile Apps
Dummies Store
Shop for books and more
Start Shopping

General Network Defenses to Avoid Getting Hacked

Regardless of the specific hacks against your system, a few good practices can help prevent many network problems. Consider the following provisions for your company to protect against malicious attackers:

  • Use stateful inspection rules that monitor traffic sessions for firewalls. This can help ensure that all traffic traversing the firewall is legitimate and can prevent DoS attacks and other spoofing attacks.

  • Implement rules to perform packet filtering based on traffic type, TCP/UDP ports, IP addresses, and even specific interfaces on your routers before the traffic is allowed to enter your network.

  • Use proxy filtering and Network Address Translation (NAT) or Port Address Translation (PAT).

  • Find and eliminate fragmented packets entering your network (from Fraggle or another type of attack) via an IPS.

  • Include your network devices in your vulnerability scans.

  • Ensure your network devices have the latest vendor firmware and patches applied.

  • Set strong passwords — better yet, passphrases — on all network systems.

  • Don’t use IKE aggressive mode pre-shared keys for your VPN. If you must, ensure the passphrase is strong and changed periodically (such as every 6–12 months).

  • Always use SSL (HTTPS) or SSH when connecting to network devices. Better yet, don’t even allow access to key devices from the outside.

  • Segment the network and use a firewall on the following:

    • The DMZ

    • The internal network

    • Critical subnetworks broken down by business function or department, such as accounting, finance, HR, and research

blog comments powered by Disqus
Advertisement

Inside Dummies.com

Dummies.com Sweepstakes

Win $500. Easy.