"You Need MORE Than A Firewall
To Protect Yourself! Learn The Truth About Firewalls And How To REALLY Protect Your Network
From Attack."
I was right in the middle of this.
The attack started at about two in the afternoon. The email systems
of a well-known online commerce site were being bombarded with messages coming from a computer across the country. There was so much incoming mail that our
mail server was
rapidly running out of disk space. None of our employees could read
their mail because the server was bogged down.
The Internet connection was getting clobbered, too. Mail traffic was
sucking up all of our bandwidth. Worse yet, our customers were getting
booted off our servers -- no one could stay connected.
This situation would be a problem for anyone but for a major e-commerce
site, this was a disaster!
However, in FIVE MINUTES I had things back to normal. I identified
where the attack was coming from, inserted a rule in the firewall to block
the source, and started cleaning up the mail server.
But that's not the end of the story. Four minutes later -- just about
the time our shoppers returned -- another attack hit us!
For the next two hours I battled a hacker determined to destroy my business.
Learn more about this attack and learn how to stop them by giving
us a call at
(302) 999-1899...
Technology
Secret #5
Firewalls Don't Stop Hackers
The only
way to make your company completely safe from attack is to disconnect from
the Internet entirely. Any Internet connection carries the potential
for problems.
Thought
your firewall protected you? The American Heritage dictionary
defines a firewall as "a fireproof wall used as a barrier to prevent the
spread of fire." A barrier.
But in technology terms, a "firewall" is more like a sieve. It blocks
some stuff, but lets other stuff through. It's supposed to work that
way. Hey, you want your email to go through, right?
Depending on how the firewall is configured, it may not let in much.
But even that can wipe you out. If you don't block email access then
you could get bombed like I was. If a hacker has a fatter Internet
connection than you do (more bandwidth), he can effectively take you "off
the air" with a Denial Of Service attack.
What can you do about it? It's pretty easy, really. Follow the
same steps I did in the opening story. You'll need to learn a few
things about networking, a few things about your firewall, and how to
recognize when you have a problem.
We can teach this to you or your staff. Give us a call today.
Technology
Secret #6
How To Hide Your Entire Network
WITHOUT Using A Firewall
I love
the collaborative nature of the Internet. People all over the
world
can work together on projects.
Another thing I love about the Internet is that REALLY SMART PEOPLE thought
it up. They took a phenomenally difficult problem, broke it into
pieces, and made it work. And they keep on improving it!
Long ago a group of these brilliant grad students [and professionals] realized that
companies needed computer addresses for their own private use.
They talked it over, thought about it, then wrote a paper requesting
everyone else's comments.
That paper (and others) describe Private Address Space. Every computer
on a network must have a unique address. Private addresses are
regular computer addresses that work in every way, shape, and form...except
that they CANNOT be transmitted ("routed") over the Internet. They are
totally and completely PRIVATE!
What is the point to having addresses that don't work on the Internet?
In a word, PROTECTION. Any messages originating from a private address CANNOT be
transmitted over the Internet. And the reverse is true also--no messages
from the Internet can be transmitted to a computer using a private address.
Rules built into Internet hardware block messages from passing.
Still don't get it!? Wondering why is this important? It is important
because it is a way for you to hide your entire network. When you use
Private Address Space your computers cannot be directly attacked because
they can't be detected from outside of your company.
This diagram will help --
All of the
computers in the Private Address Space above can see each other, share
files, printers, and so forth but they cannot be seen from the outside
world.
Yet they can still access any site on the Internet. Through a
technique called Network Address Translation each computer in the
Private Address Space can reach the entire Internet while remaining 'hidden'
from prying eyes!
What happens is that the router changes the "To" and "From" parts of the
messages so that the PCs remain hidden. When an Internet site
responds, the router remembers who sent the original message, and forwards
the response to the correct PC. This way the only address seen by the
Internet is the external address of the router -- none of the computers
are ever exposed.
I really want you to get this. I want make sure you understand Network
Address Translation, why it's important, and how to take advantage of it.
Give us a call!
Technology
Secret #7
A $50 Modem Can Do
$1,000,000 In Damage Overnight
The Internet IS NOT your only security risk.
It may not even be your greatest risk.
What would happen if someone could dial into your network? Did
you know that the lowly modem is as good an entry point (sometimes better)
for breaking into your network as your Internet connection? One
employee setting up their modem incorrectly could expose your entire network
to a hacker...
Major banks worry about this. I've done work in some of the
finest institutions in the financial world. Modems are prohibited.
Verboten. Not allowed at all. Ever. Because the bank
knows how damaging it would be for someone to call up a computer and launch
an attack from inside their company.
Make sure your modems are configured correctly. Pick up the
phone to learn more.
If you want knowledgeable help on these matters, give us a ring.
And tell your friends about this site! Thanks.
Click HERE to get to the Home page.
Copyright
© 2003 Stephen Worden's IT Survival Guide™ / Illuminova, Inc.
All rights reserved.