Industry best practice against DDoS attacks
Industry best practices to protect the network against DDoS attacks. A Case Study
Industry best practices to protect the network
against DDoS attacks Public University
By Marcelo Silva
INTRODUCTION
The public university has faced a DDoS attack on its web-based registration system.
The network was compromised after password sniffers were deployed; one of them
captured an administrator password, and bots were then installed on internal hosts
in the university's computer labs, from which the attacks originated.
Thus, the internal network has proven to be vulnerable, while the university's perimeter
network is well protected by technologies such as firewalls, NIDS and ACLs.
How could the industry best practices protect the university’s network?
1. Implementing a Patch Management System
2. Deploying Internal firewalls, IDS and creating a DMZ
3. Install an Antivirus solution on all workstations
4. Improving Security Policies
5. Investing in Security Awareness Program
A best practice is a method or technique that has consistently shown results superior to those achieved with other means. (Wikipedia, 2013)
Implementing a Patch Management System
Control and fix Operating Systems and Applications vulnerabilities:
Buffer overflow
Remote Code Execution
Elevation of Privilege
Automate patches deployment
Avoid administrator’s password exposure during patches deployment
Deploying Internal firewalls and IDS
Create network segmentation
Create a Demilitarized network zone (DMZ) for the webservers
Filter internal traffic
Deploy IDS sensors into the internal networks
Deploy host-based IDS
Many organizations continue to attribute a significant percentage of their corporate “cyber losses” to inside attacks, indicating the need for more robust firewall filtering throughout the enterprise network segments. (Cisco, 2006)
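Deploying IDS sensors on the internal lab segment, as recommended above, only pays off if the sensor has logic for the pattern seen in this case: several lab workstations flooding the registration server at once. The following is an added example, not part of the original presentation; the lab subnet, registration server address, thresholds and flow records are constructed assumptions.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime

# Assumed values: the lab segment, the registration server and the thresholds.
LAB_SUBNET = ipaddress.ip_network("10.20.0.0/16")
REGISTRATION_SERVER = "10.1.5.10"
SYN_THRESHOLD = 500   # SYNs per host per window that a lab workstation should never reach
MIN_BOT_HOSTS = 3     # this many flooding lab hosts suggests a coordinated, bot-driven attack

# Constructed flow records as an internal sensor might export them:
# "timestamp src_ip dst_ip dst_port syn_count"
SAMPLE_FLOWS = """\
2013-02-08T09:00:00 10.20.3.15 10.1.5.10 443 12
2013-02-08T09:00:00 10.20.3.16 10.1.5.10 443 820
2013-02-08T09:00:00 10.20.3.17 10.1.5.10 443 910
2013-02-08T09:00:00 10.20.4.8 10.1.5.10 443 760
2013-02-08T09:00:00 10.20.3.18 10.1.9.20 445 30
2013-02-08T09:00:00 172.16.7.2 10.1.5.10 443 650
"""

def parse_flows(text):
    """Parse whitespace-separated flow records into dicts; malformed lines are skipped."""
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        ts, src, dst, port, count = parts
        try:
            flows.append({"ts": datetime.fromisoformat(ts), "src": ipaddress.ip_address(src),
                          "dst": dst, "port": int(port), "syns": int(count)})
        except ValueError:
            continue
    return flows

def lab_hosts_flooding(flows):
    """Lab-segment hosts whose SYN volume toward the registration server exceeds the threshold.
    Hosts outside the lab subnet are a different segment's concern and are not counted here."""
    per_src = defaultdict(int)
    for f in flows:
        if f["src"] in LAB_SUBNET and f["dst"] == REGISTRATION_SERVER:
            per_src[f["src"]] += f["syns"]
    return sorted(str(ip) for ip, n in per_src.items() if n > SYN_THRESHOLD)

def coordinated_attack(flows):
    """True when enough lab hosts flood the same target to indicate an internal DDoS."""
    return len(lab_hosts_flooding(flows)) >= MIN_BOT_HOSTS
```

In the sample, three lab hosts exceed the threshold and are reported together, while the single noisy host on 172.16.7.2 is ignored by this sensor because it is outside the lab segment.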
Install an Antivirus solution on all workstations
Deploy an Antivirus software on all computers
Protecting file systems, Internet browsing and messaging activities
(Virus, Worms, Backdoors, Rootkits, Trojans)
Deploy a centralized management system for the Antivirus
Improving Security Policies
Limit incoming connections
Use encryption for network communication
Minimize Remote Access (strong authentication, peer-to-peer VPNs)
Use secure protocols
Educate Users (Information Security Awareness Program)
References
EC-Council (2010). Ethical Hacking and Countermeasures: Threats and Defense Mechanisms. Clifton Park, NY: EC-Council Press.
Cisco Systems (2006). Deploying Firewalls Throughout Your Organization. Retrieved January 10, 2013, from http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5710/ps1018/prod_white_paper0900aecd8057f042.pdf
Wikipedia (2013). Best Practice. Retrieved February 08, 2013, from http://en.wikipedia.org/wiki/Best_practice