Many say that information is power. Then, why do you give power to your foes? Is that your wishes? There is the idea being this article: cut the information pipeline of to your enemy to prevent you greater harm.<\/p>\n
Do not help your attackers gathering information about your network. The first step of an attack is the reconnaissance of the playground. It’s done by social engineering, physical site reconnaissance, internet search, network mapping and DNS reconnaissance. After they map their target by war dialling, network mapping (ICMP), port-scanning and vulnerability scanning.<\/p>\n
If you cut their sources of information they’ll not easily be able to go through these first essential steps. The principle is the same as in personal self-defence, if you look self-confident, attentive and aware, most of your possible stalker will watch for another target; they don’t need to get in trouble with you; they need an easy pray; a pray that they can hunt easily. The same principle is present here; if the first steps of an attacker are hard to get troughs, most of the attackers will try to find another, more easily penetrable system. Sure that there are exception, if your attacker is searching challenge and not profit (money or peer acceptance), you’ll probably fit his prey pattern and get stock with him. <\/p>\n
You need to always have in mind you goal. Your goal is to limit the information that attackers can gather from your organisation, his personal and your network. By remembering this goal, you’ll probably be able to find what your information leaks are and how to prevent them. There are some examples:<\/p>\n
•\tYour attacker can bring much information by looking at your garbage containers.
\no\tYou can hire a specialised garbage collector that will destroy your garbage’s. (Just ensure that the company is trustable).<\/p>\n
•\tYour attackers can bring information on your employees for further social engineering tricks.
\no\tYou can try to limit the information about your employees you put on the internet. (Example, by not putting your employees’ contact book.
\no\tYou can teach your employees to be aware of this situation; how attackers do this type of attack on them.<\/p>\n
•\tYour attacker can map your network by ICMP querying.
\no\tYou can block the ICMP echoing of certain critical part of your network.<\/p>\n
•\tYour attacker can do banner grabbing to try to know which program deliver a specific service (example sendmail for SMTP).
\no\tYou can choose a product where you can alter or delete the banner when a session is open (a banner is a signature sent by a software generally when a connection is attended).<\/p>\n
•\tYour attacker can try to guess your firewall rules with a TCP ACK scan.
\no\tYou can also choose a firewall that store the stage of his connection to refuse the ACK response packet.<\/p>\n
•\tYour attacker can use packet fragmentation options to do his scan to stealth the scan attempt toward the firewall and IDS (old ones)
\no\tYou can use a firewall or IDS that refragment packets before analysis.<\/p>\n
These examples are obvious. However, the goal isn’t to do an exhaustive checklist of what to do, but to give you some example that will help you find information leaks about your company.<\/p>\n
What’s important here is to always have the principle in mind. How to implement this principle in the everyday life of your enterprise is another question but you have some leads here.<\/p>\n
Enjoy the principle, the lecture and feel free to add your stone to the foundation.<\/p>\n","protected":false},"excerpt":{"rendered":"
Do not give power to your foes The principle of information pipeline Many say that information is power. Then, why do you give power to your foes? Is that your wishes? There is the idea being this article: cut the information pipeline of to your enemy to prevent you greater harm. Do not help your […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[56],"tags":[],"class_list":["post-189","post","type-post","status-publish","format-standard","hentry","category-security"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/189","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=189"}],"version-history":[{"count":0,"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/189\/revisions"}],"wp:attachment":[{"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=189"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=189"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fgiasson.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=189"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}