Category Archives: Network security

5 Key Computer Network Security Challenges For 2013

With each passing year, the security threats facing computer networks have become more technically sophisticated, better organized and harder to detect. At the same time, the consequences of failing to block these attacks have increased. In addition to the economic consequences of financial fraud, we are seeing real-world attacks that impact the reliability of critical infrastructure and national security. With these observations in mind, here are five key challenges that computer security professionals face as we move into 2013.

  • State-sponsored espionage and sabotage of computer networks

Current security technologies and best practices are not effective at preventing sophisticated, targeted attacks from being successful. This fact was underlined earlier this year when a malicious program called Flame was discovered after evading detection by anti-virus software for years. Similarly, a recent study by Symantec Research Labs identified 18 undisclosed security vulnerabilities that were used to target computer networks in the wild for up to 30 months before they were discovered. The consequences of missing these attacks can be significant, as demonstrated by the Shamoon malware that recently hit several companies in the oil and energy sector. Shamoon erases data and renders machines unbootable.

New strategies are clearly needed to fight advanced attacks. Looking for known malware and attacks that target known vulnerabilities is not effective in this context because we don’t know exactly where the next vulnerability will be found or what the next attack will look like. Instead, we need to develop tactics that focus on the behavior of software, systems and actors on the network. By investigating both specific, suspicious behaviors that we know to be associated with malicious activity, as well as general anomalous behaviors that are unusual or unexpected, we can uncover evidence of attack activity even when we are not exactly sure what to look for at the outset.

  • Monster DDoS attacks 

Distributed denial-of-service attacks have become increasingly popular with attackers, and the size of the attacks keeps getting larger. The DDoS mitigation firm Prolexic reported an 88% increase in the number of DDoS attacks launched in Q3 2012 versus a year earlier, with substantial increases in both the duration of the attacks as well as the amount of bandwidth involved. Furthermore, early this fall, the websites of several large U.S. financial firms were disrupted by a DDoS attack that reportedly exceeded 60 Gbps – much larger than the typical 5-10 Gbps attack.

The time to prepare for a DDoS attack is not the day that one’s website goes down. Firms that are effective at protecting their networks against these incidents have assessed the risk of several different kinds of DDoS attack scenarios well in advance, developed processes for responding in the event that one of those scenarios occurs, and tested those processes with real drills to ensure that they work as expected when needed. Getting this right is a top priority for any firm with a large Internet presence in 2013.

  • The loss of visibility and control created by IT consumerization and the cloud

When workloads move into the cloud, organizations lose control over who can access the computer systems that those workloads are running on. They also often lose visibility into what resources were accessed, when they were accessed and from where. The providers of cloud services and technology tell us not to worry about all of that, but seasoned IT security professionals know better. And this problem isn’t limited to the cloud. With bring-your-own-device (BYOD) programs, IT is losing control over the software load, configuration and patch level of network endpoints. IPv6 is going to create its own visibility gaps, beginning with vulnerability assessment, as large address ranges are more difficult to scan.

Organizations have to start demanding their network visibility back. There is no reason that new information technologies cannot be designed with the capability of providing security controls and audit trails to people who need them. The best approach to providing those basic capabilities might be different than in legacy systems, but at the end of the day, it is not impossible to solve these problems. It is all a matter of exposing the right information and regaining control in the right way.

  • The password debacle

2012 was rife with large disclosures of passwords and password hashes from major websites that were breached, including Zappos, LinkedIn, eHarmony, Last.fm, Yahoo Voice and Formspring. In addition, attackers are constantly scanning the Internet for exposed, password-protected services like Secure Shell (SSH) and Remote Desktop Protocol (RDP). Accounts on these services are subject to brute-force cracking, and have a tendency to show up on the black market.

The fact is that passwords, as a security technology, are reaching the end of their useful life. Moving to a world where alternative authentication systems are the norm is incredibly difficult, and as a consequence we are entering into a period of time when we are going to have to continue to rely on a security control that doesn’t work. Encouraging users to pick longer passphrases, and proactively auditing networks for weak passwords are steps that can be helpful during this time. Increasingly, we are going to see attackers entering networks with legitimate access credentials without ever having to fire an exploit that would trigger an intrusion detection system. We need to be prepared for this type of attack activity.

  • The insider threat

The insider threat has traditionally been viewed as a high-consequence but low-frequency risk, and many IT organizations have found it challenging to develop effective programs that manage that risk. Even the concerns that were raised over WikiLeaks have failed to create much of a response, because security professionals don’t agree on the right approach. However, some good answers have finally started to appear.

For years, researchers at the CERT Insider Threat Center at Carnegie Mellon’s Software Engineering Institute have been collecting and studying data on real-world insider incidents. This year, they published a book cataloging the results of their research, called The CERT Guide to Insider Threats. This book is an invaluable guide to establishing effective processes for managing the risk of insider attacks, and it should be on every security professional’s wish list this year. In general, the insider threat drives home the point that perimeter defenses are no longer enough. IT organizations also need to be able to see into their internal networks to identify suspicious activity.

In a recent public comment, former U.S. Cybersecurity Czar Howard Schmidt spoke of the important role that security professionals are playing in keeping infrastructure up and running. “Security professionals day after day, notwithstanding disruptions, still keep the machine running,” he said. “We are able to do online banking and shopping most of the time – and it’s a direct result of the security professionals…” To be sure, 2013 promises to be another challenging year for those professionals, but being adequately prepared to address the above threats will help keep businesses running and critical infrastructure secure.

Vyom Consultants is among the leading Network Security companies in India and offers various types of Network security products.

Set up a web server and enable https connection.

Sukanya Anoop

HTTPS is a secure communications channel used to exchange information between a client computer and a server. It uses Secure Sockets Layer (SSL). An SSL certificate is a way to encrypt a site’s information and create a more secure connection.

To set up a secure Apache web server using SSL, follow these steps:

  • Install apache2 web server
    sudo apt-get install apache2
  • The next step is to enable SSL on the droplet.
    sudo a2enmod ssl
  • Restart Apache.
    sudo service apache2 restart
  • Create a new directory in which to store the server key and certificate.
    sudo mkdir /etc/apache2/ssl
  • Create a self-signed certificate. We need to specify how long the certificate should remain valid by changing the 365 to the number of days we prefer. As it stands, this certificate will expire after one year.
      sudo openssl req -x509 -nodes -days 365 -newkey…
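
The steps above end with creating the certificate. As an added example (not part of the original post), this script generates a self-signed certificate in a scratch directory rather than /etc/apache2/ssl and checks that the key matches it, that it is self-signed, how close it is to expiry and that the key file is owner-only. The CN example.test, the rsa:2048 key type and the file names server.key and server.crt are assumptions made here.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. The scratch directory, the CN
# "example.test", rsa:2048 and the server.key/server.crt names are assumptions.

# make_selfsigned DIR DAYS CN: write DIR/server.key and DIR/server.crt
make_selfsigned() {
    mkdir -p "$1" && chmod 700 "$1" || return 1
    # umask 077 so the unencrypted (-nodes) key is never group/world readable
    ( umask 077
      openssl req -x509 -nodes -days "$2" -newkey rsa:2048 \
          -keyout "$1/server.key" -out "$1/server.crt" \
          -subj "/CN=$3" >/dev/null 2>&1 )
}

# key_matches_cert DIR: succeed if key and certificate hold the same public key
key_matches_cert() {
    local c k
    c=$(openssl x509 -in "$1/server.crt" -noout -pubkey 2>/dev/null)
    k=$(openssl pkey -in "$1/server.key" -pubout 2>/dev/null)
    [ -n "$c" ] && [ "$c" = "$k" ]
}

# is_self_signed DIR: succeed if issuer and subject are the same name
is_self_signed() {
    local s i
    s=$(openssl x509 -in "$1/server.crt" -noout -subject 2>/dev/null)
    i=$(openssl x509 -in "$1/server.crt" -noout -issuer 2>/dev/null)
    [ -n "$s" ] && [ "${s#subject=}" = "${i#issuer=}" ]
}

# expires_within DIR DAYS: succeed if the certificate expires in under DAYS
expires_within() {
    ! openssl x509 -in "$1/server.crt" -noout \
        -checkend $(( $2 * 86400 )) >/dev/null 2>&1
}

# key_is_private DIR: succeed if group and other have no access to the key
key_is_private() {
    [ "$(ls -l "$1/server.key" | cut -c5-10)" = "------" ]
}

# Demo run in a throwaway directory
demo_dir=$(mktemp -d)
make_selfsigned "$demo_dir/ssl" 365 example.test
key_matches_cert "$demo_dir/ssl" && echo "key matches certificate"
is_self_signed "$demo_dir/ssl"   && echo "self-signed: clients will warn"
expires_within "$demo_dir/ssl" 30 || echo "more than 30 days of validity left"
key_is_private "$demo_dir/ssl"   && echo "private key is owner-only"
rm -rf "$demo_dir"
```

Running `expires_within` from a scheduled job with a 30-day threshold gives early warning before the one-year certificate lapses.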


Microsoft joins list of recently hacked companies

The software giant said it was hit with a similar hack to that used against Facebook and Apple

Microsoft has disclosed that it recently fell victim to the same type of cyberattack that targeted Apple and Facebook.

“During our investigation, we found a small number of computers, including some in our Mac business unit, that were infected by malicious software using techniques similar to those documented by other organizations,” the company said on its Security Response Center website Friday.

“We have no evidence of customer data being affected and our investigation is ongoing,” it said.

Microsoft joins a list of companies that’ve recently reported being hacked, including Facebook, Apple, Twitter, The New York Times and The Wall Street Journal.

Apple and Facebook were both targeted via a vulnerability in Oracle’s Java platform, and Microsoft said Friday it was hit by a similar attack.

“This type of cyberattack is no surprise to Microsoft and other companies that must grapple with determined and persistent adversaries,” it said.

The Times, the Journal and Apple each pointed at China as the source of the attacks. Twitter didn’t say where it thought the attacks originated but urged 250,000 of its users to change their passwords.

China has denied involvement in the attacks.

For Network security products and services visit Vyom Consultants.

Network Security and IT consultants

IT consultants in Pune

Vyom Consultants is a leading network security and IT support company in Pune and offers services such as network management, remote support, cloud integration and system integration. Vyom also provides data center installation support and data center virtualisation.

Security services

IT security breaches are a major cause of concern for organizations these days. These breaches can lead to theft of data and money, loss of trust and brand reputation, and total disruption of key services. It is therefore imperative to invest in efficient security tools and processes. Most businesses face this threat on a daily basis, and it has been observed that even minor breaches can lead to major losses. To tackle this threat, vigilance has to be maintained round the clock, which requires heavy investment in security tools and processes.

VYOM provides customized open source security solutions for small to large organizations through technologies such as stateful inspection firewalls, intrusion detection systems, network vulnerability assessment and security audits. Guarding and protecting the enterprise network at the gateway, server or client level helps ensure the integrity of the information that powers your business. VYOM helps you ensure information security with multiple layers of protection.

VYOM Consulting Services are based on proven methods and best practices through which they have been able to provide outsourced security management, monitoring, and response services to help you solve security problems cost-effectively. Allow our representative to either call you in 24 hours or E-Mail you for greater details about our services.

Consultancy in IT

Information technology (technical) consulting requires strong technical knowledge and the ability to understand technology while keeping long-term business issues in mind. VYOM has the right mix of people with technical experience and wide functional experience. Hence we strongly believe VYOM provides you with the best technical consulting.

Network management services

Network management is a service that makes use of a variety of tools, devices and applications to assist network managers in the maintenance and monitoring of large-scale computer and telecommunications networks.

Remote support services

Remote Support Services are designed to help customers automate, maintain, and support their organizations’ core IT service Management functions and reduce the overall cost of IT operations.

Data Centre Virtualisation

Virtualisation improves the efficiency of resources and availability of applications in your organization, addressing the issue of underutilized resources in a traditional model of single applications housed on dedicated servers.

A virtualised data center lets you respond to business change faster and more efficiently than ever before; consolidation of resource pools delivers substantial savings and improved returns on investment whilst maintaining high availability for mission-critical services.

Cloud Computing

LOOKING TO MOVE TO THE CLOUD? VYOM CAN DELIVER A CLOUD-READY PLAN FOR YOUR BUSINESS

We believe that IT is a strategic asset and an opportunity for delivering competitive advantage.  Through implementation of Cloud Computing, we can drive further value and performance improvement for all businesses both large and small.  Through our Cloud Integration Services, we can help you uncover more ICT efficiencies and business value.

Cloud Computing is an emerging technology which should be examined strategically for a business. It is not just about selecting the appropriate cloud solutions but how IT will inter-operate across the business.

For more details visit VYOM consultants