10 Crazy IT Security Tricks That PT Recommends

Network security isn’t exactly the ideal place for experimentation, as it relies on tried-and-tested systems and methodologies in order to provide solid security. However, IT security threats these days evolve at a rapid pace and new ones are being discovered or created all the time, so there are times when a little bit of creativity provides new solutions that greatly enhance security without risking any vulnerabilities. Here are ten great examples of crazy IT security tricks that Prestige recommends:

1. Rename Administrator Accounts

Sometimes simple things that help a great deal get overlooked by virtue of their simplicity. In this case, it’s something as simple as changing the username of the administrator account. People already know that they should immediately change the password of the administrator account, but the username is usually kept as is for some reason (maybe it’s laziness, or maybe they treat it as a badge of pride).

Changing the admin account name greatly reduces the effectiveness of brute force guessing attempts, mainly because “administrator” is one of the usernames that intruders – both manual password guessers and ones that rely on automated dictionary attempts – will try. If you have administrator as the username, you’ve already lessened their workload by half; all that’s left of their task is guessing the password. But change that administrator username and you automatically double the work they have to do: now they have to guess both the username AND the password.

2. Reduce the Number of Accounts With Admin Privileges

Chalk this up to laziness, but administrators will sometimes give their non-admin accounts elevated privileges because they don’t want to go to the trouble of logging out and logging in to their admin account when they need to do something that requires elevated access. However, the more accounts with admin privileges, the more accounts there are for hackers to compromise. All a hacker needs is just one of those accounts and the whole system goes down. If you limit the number of accounts with elevated privileges, you shrink the attack surface. It’s a great deal of added security in exchange for an extremely minor inconvenience.

3. Create a Honeypot

A honeypot is any computer asset that is specifically created to attract hackers (which is where it got its name: it attracts hackers in much the same way a real honeypot attracts bees). When an intruder or a piece of malware tries to attack the honeypot, it serves as an early warning for administrators, so that they can lock down the rest of the network or isolate the honeypot while they take steps to protect the rest of the network. A honeypot doesn’t have any production value, but it can save a company a lot of money that would have been lost due to an outage.

4. Randomize Ports

This works similarly to renaming administrator accounts in principle. If you just use ports that were set by default, you automatically give intruders a hint as to which ones to scan first. Simply using random ports makes their work that much harder, as they now have to go in blindly searching for ports to target instead of being given a straight path to the commonly used ones. Of course, to a hacker it’s very easy to find where the new port has been moved, as all it takes is a port scanner, but many hackers (novice and lazy ones) only rely on malware that is coded to use default ports. Simply randomizing ports lets you stave off attacks from a significant number of intruders.

5. Install to Custom Directories

Like many of the tricks in here, this one doesn’t require much effort to implement but can help minimize the attack surface, as it works on a “Security by Obscurity” principle. Automated malware, particularly the poorly coded kind, tends to go for default directories. Simply install your OS or your application to a different directory and a large amount of this malware will not work correctly. This trick will not fool all malware, but it fools a ton of it, and that’s a great increase in security for something that doesn’t require much effort to do.

6. Use a Tarpit

Tarpits are the perfect companions to honeypots. Instead of isolating attacks, a tarpit’s purpose is to slow them down. It works really well for worms, which by default replicate on systems that match their exploit capabilities. Most tarpits work by answering connection attempts for addresses that were not assigned to legitimate workstations. Once the worm responds, the tarpit then proceeds to slow it down by using various TCP protocol tricks, such as long timeouts, multiple retransmissions, etc. This works in two ways: it slows down worms until they can be caught by an administrator, and it slows down manual penetration attacks to the point that they’re unusable or no longer worth the effort. One important thing about tarpits is that they need to be fine-tuned carefully in order to avoid false positives, as there’s a danger that they could also catch and slow down legitimate services.
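
The decoy described in tip 3 and the tarpit described in tip 6 can be shown as one listener (an added example, not code from the original article): every connection is recorded as an alert, then the reply is dripped one byte at a time. It stalls at the application layer rather than with the TCP-level tricks mentioned above, and the class name, delays and loopback address are assumptions; a deployment would bind an address or port that no legitimate service uses.

```python
import asyncio
import time


class DecoyTarpit:
    """Listener with no production role: every connection is an alert, then it is stalled."""

    def __init__(self, delay=10.0, max_hold=600.0, allow=()):
        self.delay = delay        # seconds between drip bytes
        self.max_hold = max_hold  # upper bound so the decoy's own sockets are freed
        self.allow = set(allow)   # known-good sources (scanner, monitoring): never stalled
        self.alerts = []          # a deployment would forward these to logging or paging

    async def handle(self, reader, writer):
        src = writer.get_extra_info("peername")[0]
        try:
            if src in self.allow:
                return            # tuning against false positives: close at once, no alert
            self.alerts.append({"ts": time.time(), "src": src})
            deadline = time.monotonic() + self.max_hold
            while time.monotonic() < deadline:
                writer.write(b".")            # one byte of a reply that never completes
                await writer.drain()
                await asyncio.sleep(self.delay)
        except OSError:
            pass                  # peer gave up or reset the connection
        finally:
            writer.close()


async def _demo(delay, reads, allow):
    trap = DecoyTarpit(delay=delay, max_hold=5.0, allow=allow)
    server = await asyncio.start_server(trap.handle, "127.0.0.1", 0)
    port = server.sockets[0].getsockname()[1]
    start = time.monotonic()
    reader, writer = await asyncio.open_connection("127.0.0.1", port)
    try:
        data = await reader.readexactly(reads)
    except asyncio.IncompleteReadError as exc:
        data = exc.partial        # decoy closed early (allowlisted source)
    elapsed = time.monotonic() - start
    writer.close()
    server.close()
    return trap.alerts, data, elapsed


def demo(delay=0.2, reads=3, allow=()):
    """Loopback run on constructed settings: returns (alerts, bytes received, seconds)."""
    return asyncio.run(_demo(delay, reads, allow))
```

The `allow` set is where the fine-tuning against false positives happens: sources such as an internal vulnerability scanner are closed immediately instead of being held.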

7. Traffic Flow Analysis

These days it’s a dumb idea to not incorporate any traffic flow analysis in your repertoire, as foreign hackers are multiplying at an alarming rate. Simply analyzing the flow of data to and from your network on a regular basis will help you catch intrusion attempts before they do serious damage. Additionally, there are numerous free and commercial tools available to map your network flows, so it’s not like you have to shell out a lot of money for it.
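
As an added illustration (not part of the original article), the following runs three flow-analysis rules over constructed flow records: contact with a decoy address, a server initiating web traffic (the condition tip 9 below is meant to prevent), and one source fanning out to many targets. The addresses, host roles and threshold are assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed flow records (src, dst, dst_port); a real feed would be NetFlow/IPFIX
# exports or firewall connection logs. All addresses and names here are assumptions.
FLOWS = [
    ("10.0.1.15", "10.0.2.20", 445),      # workstation to file server
    ("10.0.1.15", "203.0.113.5", 443),    # workstation browsing
    ("10.0.2.20", "203.0.113.77", 443),   # file server reaching the web
    ("10.0.1.66", "10.0.9.9", 22),        # touch on the decoy address
] + [("10.0.1.66", f"10.0.3.{i}", 445) for i in range(1, 9)]  # one host, many targets

INTERNAL = ip_network("10.0.0.0/8")
SERVERS = {"10.0.2.20"}   # hosts that should never browse
DECOYS = {"10.0.9.9"}     # honeypot address with no production role
WEB_PORTS = {80, 443}


def analyze(flows, fanout_limit=5):
    """Return (rule, source, detail) findings for one analysis window."""
    findings = []
    targets = defaultdict(set)
    for src, dst, port in flows:
        targets[src].add((dst, port))
        if dst in DECOYS:
            findings.append(("decoy-contact", src, f"{dst}:{port}"))
        if src in SERVERS and port in WEB_PORTS and ip_address(dst) not in INTERNAL:
            findings.append(("server-web-egress", src, f"{dst}:{port}"))
    # Worm-like spread or scanning shows up as one source touching many dst:port pairs.
    for src, seen in targets.items():
        if len(seen) > fanout_limit:
            findings.append(("fan-out", src, f"{len(seen)} distinct dst:port"))
    return findings
```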

8. Password-Protected Lock Screens and Screensavers

With the advent of LCD screens, screensavers lost their main purpose – which is to save screens from burn-in. It is usually better to just let the monitor go blank in order to save power, but screensavers still serve a function as a security measure, particularly ones that have password protection: it prevents people from getting access to your PC during opportune times when you’re away from your workstation on short breaks, which is a common blind spot for many workers and can be a very serious security risk. It only takes a couple of minutes for a hacker posing as a delivery guy (or a legitimate delivery guy who hacks out of mischief) to compromise an unprotected PC.

9. Disable Internet Browsing on Servers

One of the biggest risks on networks is the users’ actions on the Internet itself, but it’s something that cannot be mitigated because workers need the access to do their work. However, there are computing resources on the network that aren’t really used for Internet browsing, such as network and file servers. Disabling browsing ability on these computing resources greatly reduces the network’s vulnerability to risk caused by user activity.

10. Lastly, Security Minded Development

As with many problems, sometimes you need to start at the root. For organizations that produce custom code, it is wise to integrate security practices in the development process, in order to ensure that code security will be a priority in any coding project and to reduce the risk of vulnerabilities creeping up later. Additionally, programmers need to be proactive and avoid leaving protection measures in the hands of users. For instance, programmers need to avoid producing code that requires elevation or administrator access when there are alternatives, as normal users don’t need to be saddled with the responsibility of opening up ways for malware or hackers to pass through, especially if they aren’t obligated to have the same skillset as a security expert or network administrator.
