Identifying Risks, Response, and Recovery
Amy E. Moody
I previously identified several types of attacks, threats and vulnerabilities that exist with your multilayered network. I have now been charged with the responsibility of developing a strategy to deal with these risks as well as a plan to mitigate each risk to reduce the impact that each will have on your organization.
Your firewall, which is your first line of defense, is susceptible to two common types of attacks. The first is an attack against the firewall itself, in which the attacker aims to take control of the firewall's functionality and then launch a DoS attack. The second is an attack on the LAN side of the firewall. These attacks circumvent the rules and policies of the firewall to gain access to the devices that are supposed to be protected by it. The largest vulnerability that exists with firewalls is improper configuration settings. These can lead to security holes that allow unauthorized access from both outside and within your network.
All of the aforementioned attacks, threats and vulnerabilities can be mitigated and/or avoided altogether. There are several keys to ensuring that your firewall is as secure as possible. Use a VPN for all non-public traffic. Ports on your firewall should only be open for services that are utilized by the public. Because most people have dynamic IP addresses, your firewall has to constantly open ports and modify its rules to allow access; this can lead to ports being left open and vulnerable to attacks. Limit the size of your network. Simply put, if you don’t need it, turn it off. If your servers are not running a service that is used by the public, don’t allow it...
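The port and VPN guidance above can be checked mechanically against an export of the firewall's inbound allow rules. The following audit is an added example, not part of the original paper; the rule tuple format, the list of public services and the VPN subnet 10.8.0.0/24 are assumptions, and the sample rules are constructed.

```python
import ipaddress

# Assumptions (not from the paper): which services are meant to be public,
# and which subnet VPN clients are assigned.
PUBLIC_SERVICES = {("tcp", 80), ("tcp", 443)}
VPN_NET = ipaddress.ip_network("10.8.0.0/24")

# Constructed sample of inbound ALLOW rules: (name, protocol, port, source CIDR)
SAMPLE_RULES = [
    ("web-http",  "tcp", 80,   "0.0.0.0/0"),
    ("web-https", "tcp", 443,  "0.0.0.0/0"),
    ("ssh-admin", "tcp", 22,   "0.0.0.0/0"),       # non-public service, open to all
    ("db-vpn",    "tcp", 5432, "10.8.0.0/24"),     # non-public, VPN only: acceptable
    ("rdp-temp",  "tcp", 3389, "203.0.113.0/24"),  # leftover dynamic-IP exception
    ("smtp-old",  "tcp", 25,   "0.0.0.0/0"),       # service no longer offered
]

def audit(rules, public=PUBLIC_SERVICES, vpn=VPN_NET):
    """Return (name, port, reason) for every rule that exposes a
    non-public service to a source outside the VPN subnet."""
    findings = []
    for name, proto, port, src in rules:
        if (proto, port) in public:
            continue  # intended public service: an open port is expected
        net = ipaddress.ip_network(src, strict=False)
        # subnet_of() raises on mixed IPv4/IPv6, so compare versions first
        if net.version == vpn.version and net.subnet_of(vpn):
            continue  # non-public traffic arriving over the VPN
        if net.prefixlen == 0:
            reason = "open to any source"
        else:
            reason = "non-VPN source exception"
        findings.append((name, port, reason))
    return findings

if __name__ == "__main__":
    for name, port, reason in audit(SAMPLE_RULES):
        print(f"REVIEW {name}: port {port} is {reason}")
```

Each finding is a candidate for removal or for moving behind the VPN; rules flagged as source exceptions are the kind that tend to be left behind after a dynamic address changes.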