According to the FBI, billions of dollars are lost each year repairing network resources hit by computer attacks. If your organization's computers are on a network connection, intrusion is going to happen sooner or later. Having an Internet connection means your organization's computer network is at risk, as long as a computer is on. An intrusion is any access to data by an unauthorized individual. If someone does infiltrate your organization's computer network, they can steal or alter data, system configurations can be changed, or hackers could install software, which gives them access to your organization's computer network resources.
A common way for unauthorized users to access your organization's network resources is through open ports. The unauthorized user can use an automated scan to find open ports and do additional research to see if they hold any vulnerable information. A firewall and router can be used to stop unauthorized users access to your organization's network resources. For remote users, your organization can use Virtual Private Networks (VPN). Another threat that your organization's network resources are vulnerable to is a DDoS attack. Hackers use the Internet of Things to overload your website, server or network resources in an effort to stop your employees or customers from using your organization's services. IT Professionals are responsible for the safety of company data, so backups are a critical component of safety in case your network resources are compromised.
What is an Open Port?
One of the most common ways of gaining unauthorized access to a computer network is by looking for open ports. Open ports can include the Web, FTP and email. If an open port is listening for requests, a hacker can exploit it and gain access to your organization's network resources. Hackers are continuously browsing the Internet with what is called a port probe. A port probe is automated software that locates computers with open ports. Many printers and file sharing tools have open ports. Deactivate these ports if employees do not need to share files or printers.
How Do I Know if I have an Open Port?
You can check your computer for open ports using software tools. Solarwinds offers a free download to generate a list of open, closed and filtered ports for your IP address with the Port Scanner tool.
How Do I Secure My Open Ports?
The easiest way to secure your open ports is to turn off your computer when you are not using it. When a computer is turned off it is not vulnerable to attack, as the ports are inactive. The organization's computers should always download the latest operating system patches and service packs when they are available to help keep computer security up to date.
Should I Just Close All Ports?
Unfortunately, you would not be able to use any of the Internet services like email, browsing the Web or instant messaging. It is the firewall's job to block only unnecessarily open ports targeted by unauthorized users.
What is Firewall Protection?
A firewall is software or hardware designed to filter out suspicious packets attempting to enter or leave a computer. The firewall qualifies incoming information to identify if it is unauthorized or not, blocking activity from suspicious IP addresses. It will also warn you if an intrusion occurs, so you know if an unauthorized person is trying to access your computer.
How can a Router Help Secure My Network?
A router monitors the IP addresses of packets on a Local Area Network (LAN). Local address packets are kept within the LAN while external address packets are routed out to the Internet. The router will have its own IP address so when accessing the Internet all packets from the Internet go through the router.
Network address translation (NAT) is the process the router uses to keep track of packets and their IP addresses. The router's NAT is the first secure point that packets are introduced to, then the packets are distributed by the ISP. The router screens incoming packets and only lets through safe packets to your ISP, stopping any unauthorized packets from entering the network resources.
How Can I Secure Remote Users?
A Virtual Private Network will encrypt the data a remote computer transfers, keeping passwords safe from unauthorized users. VPN allows remote employees to securely access the organization's applications and information.
To fully secure your organization's computers, make sure to turn off your computer when not in use, make sure all unnecessary ports are closed, activate a firewall, turn off file and printer sharing if not needed, and install a router. This will give unauthorized users less opportunity to access your organization's computers and network. Some organizations prefer that you follow specific protocols, so make sure to check with the IT department before implementing any of these procedures. Even if you take precautions your network resources could still be vulnerable to DDoS Attacks.
What is a DDoS Attack?
Even if you secure your ports, have a firewall and do all the other things recommended to stop unauthorized intruders, they can still shut down your website or servers. A distributed denial of service (DDoS) attack uses multiple compromised computers to attack a company's server, website or network resources. The attack will inundate the organization's network resources through an increase in incoming queries and connection requests that forces the network resources to slow down or crash.
What are the Types of DDoS Attacks?
The most common DDoS attack is a volumetric attack, according to Calpytix Security. A volumetric attack uses multiple infected systems to flood the network with a large amount of traffic. By doing this the attacker consumes more bandwidth than the network can handle, slowing it down or even crashing the network resources. Another type of DDoS attack is an application-layer attack. This attack targets web application packets in an effort to disrupt the transmission of data between hosts. A third type of DDoS attack is a state-exhaustion attack. This attack targets the connection state tables in firewalls and other infrastructure components. Calpytix Security describes the â€œping of deathâ€ where a 65,536-byte ping packet is defragmented and sent to the target server as fast as possible, causing a buffer overload.
What is the Internet of Things (IoT)?
The Internet of Things is the network of devices, vehicles, home appliances and any item with network connectivity allowing it to exchange data. The Internet of Things is all around us, from a smartphone to the toaster in your kitchen - yes, there are toasters that can connect to the Internet! The Internet of Things can be used to take down computer networks through a DDoS attack because most of them do not have any type of protection from unauthorized users. Without proper security, the Internet of Things can be used to attack a computer network or website and deny service to its users.
Use Online Backup Services
Just in case your computer network resources are compromised, it is smart to backup your organization's resources. Do a full backup to make a copy of every file in the folders that are specified for backup. The backup software includes modules for restoring files.
Interested in learning more about keeping your organization's network resources secure as a computer security technician? The Network Administration and Computer Security certificate program provides training and instruction in network administration, computer repair, and end user support. Network Administration and Computer Security students will receive broad instruction so that the skills can be applicable to a variety of situations and allow for growth and specialization within their chosen field.
Contact us today to learn more about becoming a computer security technician.