Page 11 - Cyber Warnings
password theft and unravel defenses. Eliminate invalid entries and unnecessary zone
transfers. No commercial tools needed.
• Self-audit server passwords. Employ strong passwords and eliminate redundant
credential use across systems; reuse makes it far easier for an attacker to pivot through
your networks should they compromise one system. No commercial tools needed.
• Harden servers and employee desktops. Each flavor of operating system has its own
nuances of security hardening. Establish a hardening strategy for each, and implement it.
Virus protection can be considered an aid to hardening systems, but keep in mind that
virus protection is primarily a countermeasure to user behavior. Deploy virus protection
(of which there are a number of free varieties available), but address the primary issue
first: user behavior. No commercial tools needed.
• Scan for and remediate vulnerabilities. Public vulnerability databases catalog
reported software design and configuration flaws. These are the common openings
which attackers search for and seek to exploit, and they need to be closed. Systems and
web-apps need to be scanned for vulnerabilities.
There are a number of scanners out there, but OpenVAS (http://openvas.org), Nmap
(https://nmap.org), and Metasploit Framework
(https://github.com/rapid7/metasploit-framework) are excellent free tools that will get
you started. Remediate the vulnerabilities reported. Update vulnerability definitions in
your tools and scan regularly (at least weekly).
Once scans report no vulnerabilities, your systems will no longer expose the most
common weaknesses that attackers are seeking to exploit. No commercial tools needed.
With tightened defenses, your organization is already more secure: a milestone from which
defenses can be improved over time.
Go on offense
Defenses are now in place, so go on offense. Viewing your security perimeter through the
lens of an attacker will give you a more critical eye for spotting potential weaknesses.
Offensive measures include:
• Learn how attackers are currently exploiting systems. Attacker methods and
targeted assets seem to follow trends, probably because as certain vulnerabilities are
exploited to significant impact, other attackers jump on the bandwagon and attempt the
same. Monitor daily security news, and follow the trends of attack methods and private
assets being targeted. Reassess those areas of your organization’s defenses.
Cyber Warnings E-Magazine – July 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide