Date

Search News

Archive Crawler
India Asia Middle East Australasia Europe N.America S.America Africa
Finance Personnel Hardware Software Gaming Internet Telecom General
Home
PR Newswire
Business Wire India
RealWire
Finance
Personnel
Hardware
Software
Gaming
Internet
Telecom
General
Features
Globe Newswire
BizWire Express
Tech
-n-
Trivia


Google Custom Search
Click here for Free Industry Resources!
How to Protect Your Network from Cyber-Attacks
Tim Cronin, Astaro Corp.
2009-07-16

There are three measures network administrators can take to avoid the types of network attacks that plagued U.S. and South Korean Web sites including www.whitehouse.gov, NASDAQ, NYSE, Yahoo!'s financial page and the Washington Post. The three areas to focus on are network based mitigation, host based mitigation and proactive measures.

Network based mitigation:

- Install IDS/IPS with the ability to track floods (such as SYN, ICMP, etc.)
- Install a firewall that has the ability to drop packets rather than have them reach the internal server. The nature of a Web server is such that you will allow HTTP to the server from the Internet. You will need to monitor your server to know where to block traffic.
- Have contact numbers for your ISP's Emergency Management Team (or Response team, or the team that is able to respond to such an event). You will need to contact them in order to prevent the attack from reaching your network's perimeter in the first place.

Host based mitigation:
- Ensure that HTTP open sessions time out at a reasonable time. When under attack, you will want to reduce this number.
- Ensure that TCP also time out at a reasonable time.
- Install a host-based firewall to prevent HTTP threads from spawning for attack packets.

Proactive measures:
- For those with the knowhow, it would be possible to "fight back" with programs that can neutralize the threat. This method is used mostly by networks that are under constant attack such as government sites.

http://blog.astaro.com/