Industry Best Practice against DDoS Attacks

Industry best practices to protect the network against DDoS attacks. Public University. By Marcelo Silva


Post on 18-Nov-2014


DESCRIPTION

Industry best practices to protect the network against DDoS attacks. A Case Study

TRANSCRIPT

Page 1: Industry Best Practice against DDoS Attacks

Industry best practices to protect the network against DDoS attacks

Public University

By Marcelo Silva

Page 2: Industry Best Practice against DDoS Attacks

INTRODUCTION

The public university faced a DDoS attack on its web-based registration system. The network was compromised after password sniffers were deployed and one of them captured an administrator password. Bots were then installed on some internal hosts, located in the university’s computer labs, from which the attacks originated.

Thus, the internal network has proven to be vulnerable, while the university’s perimeter network is well protected behind technologies such as firewalls, NIDS and ACLs.

Page 3: Industry Best Practice against DDoS Attacks

How could the industry best practices protect the university’s network?

1. Implementing a Patch Management System

2. Deploying internal firewalls and IDS, and creating a DMZ

3. Installing an antivirus solution on all workstations

4. Improving Security Policies

5. Investing in a Security Awareness Program

A best practice is a method or technique that has consistently shown results superior to those achieved with other means. (Wikipedia, 2013)

Page 4: Industry Best Practice against DDoS Attacks

Implementing a Patch Management System

Control and fix operating system and application vulnerabilities: buffer overflow, remote code execution, elevation of privilege

Automate patch deployment

Avoid exposing the administrator’s password during patch deployment

Page 5: Industry Best Practice against DDoS Attacks

Deploying Internal Firewalls and IDS

Create network segmentation

Create a demilitarized zone (DMZ) for the web servers

Filter internal traffic

Deploy IDS sensors in the internal networks

Deploy host-based IDS

Many organizations continue to attribute a significant percentage of their corporate “cyber losses” to inside attacks, indicating the need for more robust firewall filtering throughout the enterprise network segments. (Cisco, 2006)

Page 6: Industry Best Practice against DDoS Attacks

Install an Antivirus solution on all workstations

Deploy antivirus software on all computers

Protect file systems, Internet browsing and messaging activities (viruses, worms, backdoors, rootkits, trojans)

Deploy a centralized management system for the Antivirus

Page 7: Industry Best Practice against DDoS Attacks

Improving Security Policies

Limit incoming connections

Use encryption for network communication

Minimize Remote Access (strong authentication, peer-to-peer VPNs)

Use secure protocols

Educate Users (Information Security Awareness Program)

Page 8: Industry Best Practice against DDoS Attacks

References

EC Council (2010). Ethical Hacking and Countermeasures, Threats and Defense Mechanisms, Clifton Park, NY: EC-Council Press.

Cisco Systems (2006). Deploying Firewalls Throughout Your Organization. Retrieved January, 10, 2013, from http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5710/ps1018/prod_white_paper0900aecd8057f042.pdf.

Wikipedia (2013). Best Practice. Retrieved February, 08, 2013, from http://en.wikipedia.org/wiki/Best_practice.