First off, an online virus is a malicious program, usually made by hackers whose main intent is to cause mischief and spread their virus on the web. Hackers are basically extremely intelligent individuals with extremely inflated egos. They aim to hack and break into the most secure of locations, primarily government databases and various banks online. However there are those who start out small; amateur hackers who just want to disrupt people's lives and cause a little bit of mayhem.
There are many ways you can prevent yourself from becoming a victim of these hackers.
1. Follow forums
It is always a good idea to follow hacking forums as you will be able to pick up on all the latest methods being used. A good ethical hacking forum can be found at http://zerosecurity.org
2. Change default password immediately
Some software has built-in password to allow the first log in after installation; it is extremely unwise to leave it unchanged.
 |
| change your password now bad boi |
3. Identify entry points
Install proper scanning software programs to identify all entry points from the internet into the internal network of the company. Any attack to the network needs to start from these points. Identifying these entry points, however is not at all an easy task. It is better to take the help of skilled ethical hackers who have taken special network security training to perform this task successfully.
 |
| one of the best programs around: McAfee. Not ad advertisement. |
4. Perform attack and penetration tests
By running the attack and penetration tests, you can identify those vulnerable points in the network that can be easily accessed from both external and internal users. After identifying these points, you would be able to thwart attacks from external sources and correct the pitfalls that could become the entry points for intruders to hack into your network. The test must be done from both the internal as well as external perspectives to detect all the vulnerable points.
5. Make user-awareness campaigns
All possible steps must be taken to make all the users of the network aware of the pitfalls of security and the necessary security practices to minimize these risks. You can conduct the social-engineering tests to determine the user awareness. Until all the users are aware of certain factors related to the network, protection cannot be carried out in the true sense of the term.
6. Configure firewalls
A firewall if not configured properly can act like an open door for any intruder. Hence it is vitally important to set the rules to allow traffic through the firewall that is important to the business. A firewall must have its own configurations depending upon the security aspect of your organization. From time to time proper analysis of the composition and nature of the traffic itself is also necessary to maintain security.
7. Implement and use password policies
Use strong password policies by having passwords of seven characters which are of secure length and relatively easy to remember. Passwords must be changed in every 60 days. The password should also be made up of both alpha and numeric characters to make it more unique.
8. Use password-less authentication
Regardless of the policies above, passwords are less secure than SSH or VPN keys so think about using these or similar technologies instead. Where possible, use smart cards and other advanced methods. Most banks in Singapore area already this method by employing a one-time authentication code sent to the owner either via sms or with a keycard.
9. Remove default, test and example pages and applications that usually come with web server software
They may be a weak point to attack and as they are the same in many system the cracking experience can be easily reused. Some viruses, like the Trojan, use seemingly innocently looking files sent via email of through hyperlinks to attack other computers.
10. Install anti-virus software
This is quite pointless to reiterate, but I will do it for the benefit of those who really don't have half a brain to do so. Both intrusion detection
systems and anti-virus software must be updated regularly and if
possible on a daily basis. The updated version of anti-virus software is
necessary as it helps in detecting even the latest virus.
So yes, I HOPE (really) that people take the time to read this and beef up their internet security. We are already so vulnerable in the digital age, with all our personal information readily available on public platforms, no need to make our lives harder by allowing people to hack and access even more personal, intimate info. Stay safe people!
No comments:
Post a Comment