How to protect your network from cyber-attacks

By Tim Cronin

There are three measures network administrators can take to avoid the types of network attacks that plagued US and South Korean websites including www.whitehouse.gov, NASDAQ, NYSE, Yahoo!’s financial page and the Washington Post. The three areas to focus on are network based mitigation, host based mitigation and proactive measures.

Network based mitigation:

  • Install IDS/IPS with the ability to track floods (such as SYN, ICMP etc.)
  • Install a firewall that has the ability to drop packets rather than have them reach the internal server. The nature of a web server is such that you will allow HTTP to the server from the Internet.  You will need to monitor your server to know where to block traffic.
  • Have contact numbers for your ISP’s Emergency Management Team (or Response team, or the team that is able to respond to such an event).  You will need to contact them in order to prevent the attack from reaching your network’s perimeter in the first place.

Host based mitigation:

  • Ensure that HTTP open sessions time out at a reasonable time.  When under attack, you will want to reduce this number.
  • Ensure that TCP also time out at a reasonable time.
  • Install a host-based firewall to prevent HTTP threads from spawning for attack packets

Proactive measures:

  • For those with the knowhow, it would be possible to “fight back” with programs that can neutralize the threat. This method is used mostly by networks that are under constant attack such as government sites.
Advertisements

Tags: , , , , , ,

3 Responses to “How to protect your network from cyber-attacks”

  1. Network Security Tips from Astaro - Website Magazine - Website Magazine Says:

    […] network based mitigation, host based mitigation and proactive measures for avoiding cyber-attacks. Read the entire post here. “The recent attacks on US and South Korean websites is yet another example of how vulnerable […]

  2. Network Security Tips from Astaro | MrWebMarketing - Motivational Speaker | Guest Speaker | Keynote Speakers - Internet, Facebook, Twitter, Blogging Says:

    […] The post, written by Astaro’s Tim Cronin, includes advice on network based mitigation, host based mitigation and proactive measures for avoiding cyber-attacks. Read the entire post here. […]

  3. Network security basics: protecting one’s network against cyber-attacks « Network Security News Says:

    […] misuse of the resources. Astaro Internet security mentions several basic ideas in their post How to protect your network from cyber-attacks.  It is said that there are three measures network administrators can take to avoid the types […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: