- Apply latest patches and service packs
- Harden TCP/IP stacks by applying the appropriate registry settings to increase the size of the TCP connection queue. This is to ensure that the queue is never exhausted
- Implement monitoring tools such as Intrusion Prevention Systems (IPS). IDS is too passive, I usually advise IPS.
- The ability to monitor network traffic is a key component of protecting Information systems. However, defending systems from threats can be a daunting task. Firewalls are commonly used to provide a layer of security for its respective local network, even though Firewalls do have their own limitations as most can only block threats and attacks based on IP addresses or ports. In contrast Network Intrusion Prevention Systems (IPS) is able to use signatures designed to detect and defend from specific types of attacks such as denial of service attacks among others. This is an advantage, for instance, with sites hosting Web servers.
- Establish a network protection strategy based on the principle of defense-in-depth. This must be an integral consideration in all technical decision making associated with the network.
- Block all unused ports
- Disable all unused services, protocols and functionalities
- Harden weak default configuration settings
- Configure secure web permissions
- Configure web server to reject URLs with “ ../” path Traversal
Previous Post: Wireless Networking Standards – Quick Glance