It is only a matter of time before an unsecured system becomes contaminated and losing valuable data. In addition, poorly secured system that is compromised can be used for a number of illegal activities. It was reported that several major Internet sites were disabled by attacks that were launch through the use of thousands of these devices. To enhance security and free system resources on the system we need to disable any services that are not required.
Every running, but unused, service on a machine is an unnecessary security vulnerability. Users may not even be aware that many of these services are running. Whether it is a Windows PC, router, switch, Linux machine or network enables device, the out-of-the-box configurations must be altered to meet the security needs of most businesses with an Internet presence.
Each additional service running on a machine may be a possible avenue for a network cracker to penetrate the system. As such, it is important to know the security implication of any network service before enabling it. For example, if the 'telnet' service is activated, a telnet client running on another device on the network can easily establish a telnet session to the system. In this case, the telnet client needs only the IP address of the system and the port or socket number of the network service running on the system.
One way to check the list of ports running on your system is to go to one of the many web sites that can run a remote scan of your system and tell you how secure it is. Once you have the list, the next step will be disable those unnecessary one on the system.
There are many good software packages available to allow users to secure their system. "Firewall" is one of these software packages. It can be used to deny various ports from the access by another device located on the network. Majority of the routers installed today have basic NAT firewall protection. It is good to use them as the first firewall protection for Internet connection.
As a final note, the fewer services running in your system at boot time, the quicker the system will boot. Unnecessary services not only subject you to security risk. They also slow down the operation of your system. The rule of thumb for TCP and UDP ports is: Turn off any services or listeners that you do not need for your application to function.
No comments:
Post a Comment