Communications Security

From Guidance Share

Jump to: navigation, search

Contents

Description

Vulnerabilities

  • Communication channel is insecure (lacking confidentiality protection)


Attacks

  • Denial of service
  • Information gathering
  • Network Eavesdropping
  • Session hijacking
  • Sniffing
  • Spoofing


Countermeasures

  • Utilize SSL or IPSec w/ Encryption to establish a secure communication channel
  • Configure routers to restrict their responses to footprinting requests.
  • Configure operating systems that host network software (for example, software firewalls) to prevent footprinting by disabling unused protocols and unnecessary ports.
  • Use strong physical security and proper segmenting of the network. This is the first step in preventing traffic from being collected locally.
  • Encrypt communication fully, including authentication credentials. This prevents sniffed packets from being usable to an attacker. SSL and IPSec (Internet Protocol Security) are examples of encryption solutions
  • Filter incoming packets that appear to come from an internal IP address at your perimeter.
  • Filter outgoing packets that appear to originate from an invalid local IP address.
  • Use encrypted session negotiation.
  • Use encrypted communication channels.
  • Stay informed of platform patches to fix TCP/IP vulnerabilities, such as predictable packet sequences.
  • Apply the latest service packs.
  • Harden the TCP/IP stack by applying the appropriate registry settings to increase the size of the TCP connection queue, decrease the connection establishment period, and employ dynamic backlog mechanisms to ensure that the connection queue is never exhausted.
  • Use a network Intrusion Detection System (IDS) because these can automatically detect and respond to SYN attacks.


Done

Personal tools