Skip to main content

Network and Systems Hardening

Network hardening Make sure your firewall is correctly configured, that all rules are periodically reviewed, that remote access points and users are secure, that any open network ports are blocked, that extraneous protocols and services are disabled and removed, that access lists are in place, and that network data is encrypted. Systems Hardening Audit your current systems: Conduct a thorough audit of your current technologies (you can use). To identify system weaknesses and order remedies, use security auditing techniques like configuration management, vulnerability scanning, and penetration testing. Utilize industry standards from NIST, Microsoft, CIS, DISA, and other sources to conduct system hardening assessments against resources. Create a strategy for systems hardening: Not every system needs to be hardened at once. Instead, develop a strategy and plan based on the risks found in your IT ecosystem, and then utilize a staged approach to fix the most serious issues. Patch ...
Post a Comment

Port scanning applications

 Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. While Nmap is commonly used for security audits, many systems and network administrators find it useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.



Firewalk is an active reconnaissance network security tool that attempts to determine what layer 4 protocols a given IP forwarding device will pass. It works by sending out TCP or UDP packets with a TTL one hop greater than the targeted gateway

SuperScan is a free connect-based port scanning software designed to detect open TCP and UDP ports on a target computer, determine which services are running on those ports, and run queries such as whois, ping, ICMP traceroute, and Hostname lookups


 


Comments

Post a Comment

Popular posts from this blog

Network management/monitoring tools

1 . SolarWinds Network Performance Monito r- This network monitor is based on SNMP,it includes a deep packet inspection function. It works on Windows Server.  2. ManageEngine Network Topology Tool with OpManage A network monitoring system that uses Ping sweeps and SNMP processes to watch performance. Available for Windows Server and Linux. 3. Paessler PRTG This monitoring package is a bundle of monitors, which are called sensors. One sensor, called a packet sniffer, notes packet header contents but does not capture them. It installs on Windows OS. 4. Splunk App for Stream An add-on for a well-known network data processor. Splunk Stream can perform a full packet capture or generate metadata by reading passing packet headers. It runs on Windows, Linux, macOS, FreeBSD, Solaris 11, and AIX. 5. Omnipeek A neat network monitor with some great data visualizations that sources data with a network analyzer. It works on Windows. 6. NetSpot An impressive wireless network analyzer with a s...
Post a Comment
Read more