Skip to main content

Network and Systems Hardening

Network hardening Make sure your firewall is correctly configured, that all rules are periodically reviewed, that remote access points and users are secure, that any open network ports are blocked, that extraneous protocols and services are disabled and removed, that access lists are in place, and that network data is encrypted. Systems Hardening Audit your current systems: Conduct a thorough audit of your current technologies (you can use). To identify system weaknesses and order remedies, use security auditing techniques like configuration management, vulnerability scanning, and penetration testing. Utilize industry standards from NIST, Microsoft, CIS, DISA, and other sources to conduct system hardening assessments against resources. Create a strategy for systems hardening: Not every system needs to be hardened at once. Instead, develop a strategy and plan based on the risks found in your IT ecosystem, and then utilize a staged approach to fix the most serious issues. Patch ...
Post a Comment

SQL Injection

 A code-based vulnerability called SQL Injection enables an attacker to view and access sensitive database data. Attackers can alter, add to, update, or delete records in a database using SQL queries, circumventing the security safeguards of applications.

SQL Injection Cheat Sheet

SQL Injection Detection Tools

1. IBM Security AppScan

2.N-Stalker Web Application Security Scanner

Comments

Post a Comment

Popular posts from this blog

Network management/monitoring tools

1 . SolarWinds Network Performance Monito r- This network monitor is based on SNMP,it includes a deep packet inspection function. It works on Windows Server.  2. ManageEngine Network Topology Tool with OpManage A network monitoring system that uses Ping sweeps and SNMP processes to watch performance. Available for Windows Server and Linux. 3. Paessler PRTG This monitoring package is a bundle of monitors, which are called sensors. One sensor, called a packet sniffer, notes packet header contents but does not capture them. It installs on Windows OS. 4. Splunk App for Stream An add-on for a well-known network data processor. Splunk Stream can perform a full packet capture or generate metadata by reading passing packet headers. It runs on Windows, Linux, macOS, FreeBSD, Solaris 11, and AIX. 5. Omnipeek A neat network monitor with some great data visualizations that sources data with a network analyzer. It works on Windows. 6. NetSpot An impressive wireless network analyzer with a s...
Post a Comment
Read more