Security Auditing

Security auditing should be a requirement for everyone that is connected to the Internet. There are many tools and programs available to help you test your network or PC at home. A few topics you should read about and have a good general knowledge are:

Firewalls - What they are, how to use one, where to get one,etc.
IDS - Intrusion Detection System
Sniffers - Find out where attacks come from, who sent what packet, etc. Buffer overflow protection - Keep your box safe from this common vulnerability Honey pots - creates virtual systems to trap scanners and hackers Proxy – to help you remain anonymous on the web
SOCKS chain - work through a chain of SOCKS or HTTP proxies to hide your IP

Security auditing can be done for a fee from various companies or done by you to save a few dollars and get more of a “hand on experience” with testing your network or your box at home.. Who knows, you may even learn something. Here are a few things to look for when testing the security of your box:

Vulnerabilities
Malware – Trojans & viruses
NFS &net BIOS - way of sharing file
Network monitoring tools – PC Anywhere, Remote admin, etc
Physical Security – Commonly over looked vulnerability
Wingate - allows a Win95 PC to act as a gateway.
CGI Scripts - poorly written CGI programs are vulnerable to intruders.

These are just a few common and well-known vulnerabilities. For a more detailed list of vulnerabilities visit Http://www.CERT.org

Ports

You should monitor what ports and services are running on your machine. Especially the ones that you don’t recognize. You can find a list of ports and what services run on those ports on any of your favorite search engines. To remove the risk of being attacked, close any application that you find suspicious and view the file’s properties. You should be aware of what ports are open because it gives hackers another place to attack.

Patches, fixes, and updates

For what ever OS, browser, or any other application you use, applying patches are a necessary part of securing your computer. You may have the latest version of X but a week later there’s a number of vulnerabilities, bugs, holes, and flaws discovered. I would recommend checking the company’s web site often for updates and fixes for what ever software, OS, application, etc. you’re using. You may also want to change the default setting or at least take a look at them to make sure they are properly set. Default settings are a common vulnerability. Hundreds of advisories are released daily from various security groups and organizations. One of the largest and well-known organization is the SANS institute. SANS has a large database of advisories, vulnerabilities, and other useful security information. To visit SANS’ web site go to this address: Http://www.SANS.org

Firewalls

Although firewalls are a good method of protecting your computer(s), it shouldn’t be your only line of defense against hackers. Firewalls can provide some degree of protection however, no firewall can detect or stop all attacks, so it’s not sufficient to install a firewall and then ignore all other security measures.


Remote_Access_