Essential Network Security Support: ICMP Protocol Security

essential network security support icmp protocol security

Essential Network Security Support: The TCP/IP protocol stack includes Internet Control Message Protocol (ICMP)  designed as a troubleshooting tool that can provide feedback to network devices either for status information or when problems such as network routing failures occur. ICMP has also been used as a cyber-attack reconnaissance tool facilitating mapping of target networks, Denial of Service attacks, and covert channels for remote unauthorized network access. Unfortunately, blocking all ICMP packets on a network is not recommended because certain network functionality cannot operate properly without ICMP. However, proper ICMP filtering can ensure both security and functionality.

Essential Network Security Support

Essential Network Security Support

ICMP type 8 Echo and Echo Reply is probably the most commonly used and familiar type of ICMP. Type 8 ICMP packets provide network feedback to determine whether or not hosts are active on a network. However, Type 8 ICMP can also be used to map a network and determine which hosts are available for attack. In addition, Type 8 ICMP Denial of Service attacks (DoS) are possible by flooding a network with ICMP echo requests until the target servers and/or network connections fail. For this reason block all incoming ICMP requests to private networks, while allowing outbound initiated requests (for troubleshooting) and ICMP echo requests within the private network.

Routers send ICMP Type 5 Redirect messages when other routers on the same network have a better network path for packets received. However, ICMP Redirect messages are also leveraged by cyber criminals to maliciously subvert routing tables and enable IP address spoofing issues. Since networks require ICMP Redirect messages, for increased security configure all networks to send ICMP Redirect messages and deny receipt of these messages from unknown networks.

ICMP Type 9 Router Advertisement packets enable hosts on the local network to only find routers on the local network. Since these packets could be used for a DoS attack by flooding the network, block all inbound and outbound ICMP Type 9 messages.

ICMP Type 13 Timestamp Request messages determine the local time on a host or remote network. Unfortunately, ICMP Type 13 packets can also be used as an alternative to Type 8 packets as a hacker reconnaissance and mapping tool. Since ICMP Type 13 messages provide only non-essential informational services, block this type of ICMP message on both egress and ingress points to private networks.

ICMP Type 17 Address Mask Request and Reply messages enable network hosts to find the network mask of another host or interface. However, these messages are not necessary for network functionality and attackers use them to map network. Since ICMP Type 17 messages are informational and not necessary, block them at both egress and ingress points on private networks.

Contact us to assess your organization’s security posture, learn more about essential network security support and secure your network from ICMP vulnerabilities.


Tips For Performing Regular Website Security Maintenance

tips for performing regular website security maintenance

Launching a business website is a great way to attract more customers and establish a strong, authoritative presence on the web. However, your site is also a source of vulnerability. It’s critical to keep an eye on it, perform regular website security maintenance, and stay up-to-date on security threats.

website security maintenance

What are some of the things you should do?

Monitor cyber security news. One example of how important this is came from a recent major data breach involving Cloudflare. A security bug wound up exposing passwords, cookies, and other sensitive identifying information from various business websites, with some of the leaked data getting picked up by search engines. Knowing about these developments is critical for acting quickly to protect your business as best you can or do any necessary damage control in the aftermath.

Keep your software updated. Let’s say you’re using WordPress as the content management system for your website. WordPress regularly releases software updates that improve performance and patch security holes; furthermore, any reputable WordPress plugin will do the same. Make sure you’re staying on top of updates and not running older versions that are riddled with vulnerabilities.

Review your site for security flaws. If you’re running an e-commerce site, for example, are there ways in which you may be inadvertently exposing customers’ personal information? Does your website contain vulnerabilities to SQL injections or other insertions of malicious code? Perform periodic reviews of your site to determine its weaknesses, and address them as quickly as possible.

If you need assistance or additional advice, please contact us. Your business website is critical for your success in a digital world. As your home on the web, it’s meant to leave a strong, lasting impression on customers.

Make sure it’s a favorable impression. By conducting regular website security maintenance, you’re in a better position to protect your customers and yourself from major problems such as malware infections and data breaches.

What’s The Key To Cloud Migration Success? Flexibility!

what the key to cloud migration success flexibility

Cloud computing has exploded in popularity, with an increasing number of businesses turning to the cloud to meet their IT infrastructure needs. And the key to cloud migration is flexibility!

When selected wisely, cloud services are cost-effective and reliable. They increase your ability to work productively and take on more complex tasks and larger stores of data. They can also help your business become more resilient to IT disasters.

Making a good choice in cloud services, however, will work well for you only if you migrate successfully to the new platform.

What’s the Primary Key to Cloud Migration Success?

Flexibility is one of the most important qualities in cloud migration. The following are some examples:

  • Modifying plans when necessary. For example, let’s say your business comes up with a plan to migrate a certain number of applications to the cloud. You find on testing them that some of the applications won’t be sufficiently supported and will experience problems functioning. Are you flexible enough to change your plans – maybe choosing another cloud-based solution or refraining for the time being from migrating the subset of problematic applications?
  • Devising both strategic plans and last-minute quick solutions. Migrating to the cloud requires strategic planning and careful thought in advance. It also demand thinking on your feet. When problems come up during cloud migration, you need to quickly come up with alternatives, working as a team to brainstorm, think creatively, and implement solutions.
  • Migrating readily between platforms. A recent article from InfoWorld mentions how hybrid cloud solutions are often popular because they give businesses flexibility in combining both cloud-based and on-premises solutions for different components of their IT infrastructure. The article also emphasizes how businesses often like to migrate between cloud platforms “seamlessly,” depending on their needs. Cloud migration isn’t a one-time process; it’s something you should always be prepared to do to best work towards your business objectives.

Flexible cloud migration is essential for your business’s success. Please contact us for advice and for assistance with migrating to the cloud.

IT Service Management Companies: Help Your Business Run More Efficiently

it service management companies help your business run more efficiently

How efficient is your company? You probably have plenty of systems and procedures in place to maximize productivity but it’s possible that you are overlooking one vital aspect of managing a business: IT service management companies. Having strong IT service management in place can significantly increase efficiency and boost productivity. Let’s take a look at why that is.

IT Service Management Companies

IT service management companies free up your time for bigger picture concerns

Let’s face it, you can never have enough time to do everything that running a business demands. However, there are ways to free up your time to do more. One of the greatest benefits of having good IT service management in place is that it frees up your time to worry about bigger picture concerns because you are leaving the technology issues to the professionals. Let’s be honest, you don’t want to have to think about that stuff anyway.

IT service management companies will help with cost savings

Hiring a competent IT service management company will provide you with significant cost savings due to the consolidating of your technology systems. A good IT service company will be able to identify problems with your current arrangement and will help you find a more efficient and cost-effective way of running things.

IT service management companies will provide you with unparalleled support

If you have good IT service management in place you can spend less time trying to troubleshoot technology issues and more time focusing on big picture issues. This will free up your time and help you become more efficient and productive in the day-to-day aspects of your company.

If you have any questions about other ways we can help your business, contact us.

Backing Up Your Data: Analytics Help Manage Data Backup

backing up your data analytics help manage data backup

Businesses amass huge amounts of data. It’s all important, but it’s not all of equal importance. Working documents are more important than cache files, and the ideal strategy for backing up your data recognizes that. If the disk drive fails, it’s the live documents that need to be up to the minute. Analytics help a business define a backup strategy with priorities that reflect its needs.

Backing up your data

Retrospective analytics show how backups have performed in the past. Is the process keeping up with the file system? If it’s steadily falling behind, then it’s necessary to change the backup strategy or add resources. If it’s keeping up overall, it still makes a difference which files get priority. If important files get delayed because large downloads are hogging the duty cycle, that makes recovery harder.

Predictive analytics can warn of future shortcomings based on current trends. Perhaps the current backup storage is enough and the process isn’t falling behind, but extrapolating current trends may show that will change soon. Knowing in advance lets the IT manager add storage, request a faster data connection, or make changes in the backup process before there’s a crisis.

Keeping a history makes it possible to tell a one-time spike from a developing problem. If backing up your data is falling behind because of a huge chunk of incoming data, and that situation isn’t expected to persist, that’s not a major problem. If it happens often, it’s time to act.

More backup copies are better, but again there are priorities and cost considerations. Analyzing the backup data can help to identify the data that needs an extra level of protection. If a smaller volume is available for a secondary backup, what sets of files can it hold without exceeding its capacity? Which ones are most important?

Backing up your data is smart. Smart backing up is even better. Knowing what’s happening allows smart backup strategies. Contact us to learn how we can make your backups safer and smarter.