*PREVENTION*
As with detection and recovery, a system administrator must actively work to prevent hackers from gaining entry to a network or machine. Keep in mind that no system is 100% secure, but there are measures that can be taken to make it harder to hack.
Securing
- Disable all unused services and any services that are considered insecure (NFS, RPC, etc.)
- To see what ports are being used on your system, use netstat [ netstat in use ]
- Properly configure services that are used
- Enforce strong passwords and change passwords frequently
- Educate users on common security issues and practices
- Properly set user permissions & file permissions [ typical Linux filesystem layout ]
- Install patches and upgrade software to recent versions
- Install software/hardware to protect your systems (routers, firewalls, portsentry, ipchains, tcpwrappers, etc.)
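The first two items in this list can be combined into a repeatable check. The following is an added example, not part of the original page: a shell function that reads `netstat -tuln` output and reports every listening port outside an allow-list. The allow-list (`ALLOWED_PORTS`), the function names and the sample output are constructed for illustration; 111 and 2049 are the standard RPC portmapper and NFS ports.

```shell
#!/bin/sh
# Ports this (hypothetical) host is meant to serve: SSH and HTTPS.
ALLOWED_PORTS="22 443"

# Constructed sample of `netstat -tuln` output (Linux net-tools format).
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:2049            0.0.0.0:*               LISTEN
tcp6       0      0 :::443                  :::*                    LISTEN
udp        0      0 0.0.0.0:111             0.0.0.0:*
EOF
}

# audit_listeners: read netstat output on stdin and print one line per
# listening socket whose port is not allowed: "proto port scope note".
audit_listeners() {
    awk -v allowed="$ALLOWED_PORTS" '
    BEGIN {
        n = split(allowed, a, " ")
        for (i = 1; i <= n; i++) ok[a[i]] = 1
        # Services the page names as insecure: RPC portmapper and NFS.
        risky["111"] = "rpcbind/portmapper"; risky["2049"] = "nfs"
    }
    $1 ~ /^(tcp|udp)/ {
        # TCP rows must be in LISTEN state; UDP rows have no state column.
        if ($1 ~ /^tcp/ && $NF != "LISTEN") next
        addr = $4; port = addr; sub(/.*:/, "", port)  # text after last colon
        host = addr; sub(/:[^:]*$/, "", host)         # text before last colon
        if (port in ok) next
        scope = (host == "127.0.0.1" || host == "::1") ? "loopback" : "exposed"
        note = (port in risky) ? risky[port] : "unexpected"
        print $1, port, scope, note
    }'
}

# Runs on the constructed sample; on a live host: netstat -tuln | audit_listeners
sample_netstat | audit_listeners
```

Each reported line is a service to either disable or add to the allow-list deliberately; "loopback" entries are reachable only from the machine itself.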
IP Filtering
- Block IP addresses of undesirable hosts and ports that you want to deny access to with firewalls or TCPwrappers
- Install firewalling software such as ipchains or netfilter for Linux, ipfw (IP firewall) for FreeBSD, IPFilter for other BSDs and Solaris, or Cisco ACLs (Access Lists) for Cisco routers [ typical firewall diagram, arched data path is unfirewalled ]
http://game.all.net/game?what=Hack
This link is to a very well thought-out game that involves a hacker trying to compromise a system or a number of systems. Please go here and run through a few of the scenarios presented. You should get a feel for what a hacker has to do in order to gain access to a computer, and a better sense of how to prevent such an attack on your computer or network.