Recommendations for Network Vulnerabilities
Whether you are running a Windows-based server, a UNIX/Linux-based server, or a combination of both, there are some basic safeguards that are critical to ensuring that the network infrastructure remains secure (Warren, 2005). Although both types of servers are basically secure, there are some known vulnerabilities that could be exploited if additional measures are not taken to address them. The following information outlines the steps that are currently in place within our IT department to address server and other network vulnerabilities.
The first step in addressing vulnerabilities that exist within our Windows and UNIX/Linux servers, as well as our firewall, is making sure that all the latest updates and service patches are installed on all hardware. All our Windows servers are taking advantage of the Windows update feature, which has been set up to download and install all security, reliability, and compatibility updates automatically (Microsoft, 2012). Our Red Hat enterprise server is currently configured to update automatically using the yum command, and it downloads and installs updates daily. Our bidirectional firewall is configured for automatic updates, so it will upload the newest patches each time they are scheduled, which is at 3 a.m. during our nightly system maintenance window. These updates will enable the servers to obtain the latest patches and updates; hence, the firewall will shelter our network against the latest viruses, worms, Trojan horses or bugs that have been created since the last update of the program. In addition, scheduling these services to automatically update our equipment will ensure that known, as well as newly discovered, vulnerabilities are dealt with expeditiously, and it is considered a “best practices” answer to the problem.
The second step in addressing network vulnerabilities involves the firewall. Hackers often hide their malware inside a legitimate program, and then direct that legitimate program to establish a connection between one of our computers and the Internet. Since our firewall does not recognize which programs are supposed to send and receive messages from the Internet, we have restricted all programs that do not need Internet access from connecting. We have also restricted our printer from having access to anything beyond the local network level, so a virus will not be able to embed itself into the printer software and send and receive information through that connection. Rather than accepting the default configuration for the firewall, the additional configuration provided by our IT department has eliminated some of the vulnerabilities that can affect the network.
The third step in addressing network vulnerabilities involves layering security systems on the network. The firewall creates a shell around the network and allows certain types of authorized traffic to pass through it as it identifies and blocks other types of traffic that it recognizes as bad. However, a firewall can only protect against known issues, so we have supplemented our firewall with an aggressive antivirus program which scans information that has gotten through the firewall and can quarantine and eliminate malware. If a new virus is able to sneak through the firewall, eventually it will be rooted out by the antivirus software once the virus signature is updated. We are currently using the latest version of Mozilla Firefox, which has a built-in pop-up blocker, and spam blocking software to round out and complete the layers of security for our network. These layers add protection from some of the vulnerabilities that affect networks.
The fourth step in addressing network vulnerabilities is to test for leaks in the firewall, as well as scan for open ports on the network. The IT department has deployed a variety of tests in order to ensure that our firewall is not subject to vulnerabilities. Gibson Research Corporation’s LeakTest actually tried to bypass our firewall and in doing so tested the firewall’s software filtering and outbound filtering capabilities (Gibson, 2002). Hackers will be able to use any open ports to gain access to our network. It is the goal of the IT department to keep as few ports open as possible, and for as short a period of time as possible. The access to ports is currently being managed by creating a program exception which will open the port only as a particular program needs it. We are aware of which programs use which ports so that we can ensure that no ports are accidentally left permanently open. The IT department consistently uses port scanning programs, which give us the status of the ports on the network, and we cross-check those to ensure that only the authorized ports are being utilized (“AuditMyPC,” n.d.).
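The cross-check described above can be automated on a Linux server by comparing listening sockets against the list of authorized port and program pairs. The following is an added example, not part of the original document: the allowlist values, the function names and the sample `ss -H -tulnp` output are constructed assumptions.

```python
import re

# Assumed allowlist (hypothetical values): (protocol, port) -> authorized program.
AUTHORIZED = {("tcp", 22): "sshd", ("tcp", 443): "nginx", ("udp", 123): "chronyd"}

# Constructed sample of `ss -H -tulnp` output, embedded so the example runs offline.
SAMPLE_SS_OUTPUT = """\
tcp   LISTEN 0      128        0.0.0.0:22       0.0.0.0:*    users:(("sshd",pid=912,fd=3))
tcp   LISTEN 0      128           [::]:22          [::]:*    users:(("sshd",pid=912,fd=4))
tcp   LISTEN 0      5          0.0.0.0:8000     0.0.0.0:*    users:(("python3",pid=2211,fd=4))
tcp   LISTEN 0      128        0.0.0.0:443      0.0.0.0:*    users:(("nc",pid=3050,fd=3))
udp   UNCONN 0      0        127.0.0.1:123      0.0.0.0:*    users:(("chronyd",pid=801,fd=5))
tcp   LISTEN 0      100        0.0.0.0:25       0.0.0.0:*
"""

PROGRAM_RE = re.compile(r'users:\(\("([^"]+)"')


def parse_listeners(ss_output):
    """Yield (protocol, port, program) for each listening socket line."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue  # blank or malformed line
        proto, local = fields[0], fields[4]
        port_text = local.rsplit(":", 1)[-1]  # rsplit copes with IPv6 "[::]:22"
        if not port_text.isdigit():
            continue
        match = PROGRAM_RE.search(line)
        # ss omits the process column when run without sufficient privilege.
        program = match.group(1) if match else None
        yield proto, int(port_text), program


def audit(ss_output, authorized=AUTHORIZED):
    """Return sorted findings for sockets the allowlist does not cover."""
    findings = set()
    for proto, port, program in parse_listeners(ss_output):
        expected = authorized.get((proto, port))
        if expected is None:
            findings.add((proto, port, program, "port not authorized"))
        elif program != expected:
            findings.add((proto, port, program, "expected " + expected))
    return sorted(findings, key=lambda f: (f[0], f[1], f[2] or ""))


if __name__ == "__main__":
    for proto, port, program, reason in audit(SAMPLE_SS_OUTPUT):
        print(f"{proto}/{port} held by {program or 'unknown'}: {reason}")
```

An authorized port held by an unexpected program is reported separately from an unauthorized port, since a program exception is only meaningful if the program using the port is the one it was granted to.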
The solutions presented here are only a few of the processes that we have in place within the IT department to secure the network from known vulnerabilities. Keeping the software up to date and patched, configuring firewalls to deny the undesirable activity while allowing the trusted activity, and testing for leaks and open ports are relatively easy solutions to known vulnerabilities that can affect the network. I will continue to keep my finger on the pulse of the emerging technologies concerning known vulnerabilities and the solutions to prevent them from affecting the network, and I will keep you apprised of any new developments that may affect the security of the network.
AuditMyPC. (n.d.). Free Internet Security Testing. Firewall Test, Web Tools and Free Internet Security Audit: Audit My PC. Retrieved from http://www.auditmypc.com/firewall-test.asp
Gibson, S. (2002). Firewall Leakage Tester. Home of Gibson Research Corporation. Retrieved from http://www.grc.com/lt/leaktest.htm
Microsoft. (2012). Windows Server Update Services Home. Microsoft TechNet: Resources for IT Professionals. Retrieved from http://technet.microsoft.com/en-us/windowsserver/bb332157.aspx
Warren, P. (2005). Ten steps to secure networking – Computerworld. Computerworld – IT News, Features, Blogs, Tech Reviews, Career Advice. Retrieved from http://www.computerworld.com/s/article/104999/Ten_steps_to_secure_networking