The 5 Most Important Security Leaks to Check Your Network for Regularly
Originally published on September 25, 2017 by Patrick Gebhardt
Last updated on September 26, 2017
Want to make sure your network is safe all the time and that there is no undetected leak? Been there. Done that.
Let us show you how!
First of all: Keep in mind that only an all-encompassing security strategy can offer you sufficient protection in the context of network security. We at Paessler know exactly how network monitoring, as a strategically important module of IT security, works. How? Because that’s a part of our daily job! And the beauty of experience is that we also start to recognize situations and trends more quickly, which means we can respond in due course. No, we’re not psychic, but some things we can almost see happening before they actually do. When it comes to network security, 2017 so far isn’t any better than 2016. We’ve seen some big hacks, leaks and data breaches, and this year’s fair share of headaches could be avoided surprisingly simply.
Let's get started!
#1 Firewall
When IT guys get asked for their pearls of wisdom about network security, taking a regular look at your firewall is often named first. Unfit firewall configurations show us that many companies are still more ‘9 to 5’ than ‘24/7’ when it comes to network security. Review and independently audit your firewall regularly to ensure that only the most necessary configuration is active. External penetration tests often find remote management services exposed to the public internet rather than filtered to permit access only from networks such as the LAN or VPN. It’s an important task for every network monitoring solution to check existing firewalls for operational reliability. But attackers can use many different paths, and along with checking your firewall comes...
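One way to run the firewall review described above on a Linux host, as an added example that is not Paessler's code: it reads an `iptables-save` dump and lists ACCEPT rules that open remote management ports to sources outside the LAN or VPN. The port list, the trusted ranges and the sample ruleset are assumptions constructed for illustration.

```python
import ipaddress
import shlex

# Assumptions: which TCP ports count as remote management, and which
# LAN/VPN ranges may reach them.
MGMT_PORTS = {22: "ssh", 23: "telnet", 3389: "rdp", 5900: "vnc", 5985: "winrm"}
TRUSTED = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.50.0/24")]

# Constructed sample in iptables-save format, not taken from a real host.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 10.0.0.0/8 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3389 -j ACCEPT
-A INPUT -s 203.0.113.0/24 -p tcp -m multiport --dports 22,5900:5901 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p udp -m udp --dport 22 -j ACCEPT
COMMIT
"""

def ports_of(spec):
    """Expand '22', '22,5900' or '5900:5901' into a set of port numbers."""
    ranges = (part.partition(":") for part in spec.split(","))
    return {p for lo, _, hi in ranges for p in range(int(lo), int(hi or lo) + 1)}

def audit(ruleset, chain="INPUT"):
    """List (line, service, source) for ACCEPT rules opening a management port
    to a source outside TRUSTED (explicit --dport/--dports rules only)."""
    findings = []
    for no, line in enumerate(ruleset.splitlines(), 1):
        tok = shlex.split(line, comments=True)
        opt = dict(zip(tok, tok[1:]))  # each option -> the token after it
        spec = opt.get("--dport") or opt.get("--dports")
        if (tok[:2] != ["-A", chain] or opt.get("-j") != "ACCEPT"
                or not spec or opt.get("-p", "tcp") != "tcp"):
            continue
        if "!" in tok:  # negated matches are not interpreted, only reported
            source = "negated match, review manually"
        else:
            source = opt.get("-s", "0.0.0.0/0")
            net = ipaddress.ip_network(source, strict=False)
            if any(net.subnet_of(t) for t in TRUSTED):
                continue
        findings += [(no, MGMT_PORTS[p], source)
                     for p in sorted(ports_of(spec) & set(MGMT_PORTS))]
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

Rule order and blanket ACCEPT rules without a port match are not evaluated here, so an empty result does not replace an external test of what is actually reachable.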
#2 Network Segregation
Keep in mind that segregation needs to work effectively at both the egress and ingress points of your network. Network anomalies, which arise from the segregation between clients and servers, need to be detected at an early stage. If not, you hand attackers a free ticket: they can easily step across compromised systems because your cardholder data environment was insufficiently segregated.
#3 Web Applications
Web applications have the potential to become the main attack vectors. Executives should start thinking about how to manage the risk that software applications and APIs create in their companies. Detecting and blocking attacks makes applications dramatically harder to exploit, yet almost no applications or APIs have such protection. Critical vulnerabilities in custom code as well as in components are also discovered all the time, yet organizations frequently take far too long to roll out new defenses. The biggest threats usually found within clients’ applications are Cross-Site Scripting, SQL Injection and Parameter Tampering attacks. Beyond regular web application testing, your applications should be securely coded using an appropriate methodology, such as the guidelines found in OWASP (The Open Web Application Security Project) - which is also a great read if you want to get into the juicy details of web application security risks.
#4 Patch Management
In modern times, we’re facing a rapid increase in targeted attacks on external software as well as the compromising of whole network systems. Admins must take action: make sure that all services and systems are regularly patched. Among others, this should most definitely include Java, Flash, Adobe Reader and other third-party software. In addition, use tools which allow precise vulnerability scanning of your network. This may help you to ensure that patches are being applied effectively. Now, last but not least...
#5 Your Cat's Name Is Not a Suitable Password
... however, the name of your quite pleasant, furry friend who vaguely resembles a meatloaf is better than »12345« or »qwerty«. Every year, the guys at SplashData publish a list of the millions of stolen passwords made public throughout the last twelve months, then sort them in order of popularity. This should be seen as a lesson in how NOT to choose your password. Our personal favorites of the 2016 list are »monkey« (18) followed by »letmein« (19) and, with one big WOW, number 21: »princess«. Using strong passwords and testing them regularly may sound simple, but let me get this straight: Broken authentication, file shares without appropriate permissions, and the ability to enumerate usernames are as avoidable as they are common.
Try to carry out these 5 checks regularly to make sure that your network is well protected. And yes, security vulnerabilities can be a complex issue and are buried in mountains of code. But in a lot of cases, the most effective approach for finding and eliminating these weaknesses is human experts armed with effective tools. Focus on making security an integral part of your culture throughout your development organization. These 5 checks cover a lot of ground, but there are also many other risks you should consider and evaluate in your organization. We’ve helped thousands of admins monitor their networks and keep them safe at the same time.