Cyber Security
Liang Zhang
1 Know Your Network Infrastructure Vulnerabilities to Avoid Hacks
Network infrastructure vulnerabilities are the foundation for most technical security issues and hacks in your information systems. These lower-level vulnerabilities affect practically everything running on your network. That’s why you need to test for them and eliminate them whenever possible.
Your focus for ethical hacking tests on your network infrastructure should be to find weaknesses that others can see in your network so you can quantify your network’s level of exposure.
2 Banner Grabs Can Give a Hacker Information to Attack E-mail
When hacking an e-mail server, a hacker’s first order of business is performing a basic banner grab to see whether he can discover what e-mail server software is running. This is one of the most critical tests to find out what the world knows about your SMTP, POP3, and IMAP servers.
Countermeasures against banner attacks
There isn’t a 100 percent secure way of disguising banner information. Take a look at these banner security tips for your SMTP, POP3, and IMAP servers:
Change your default banners to cover up the information.
Make sure that you’re always running the latest software patches.
Harden your server as much as possible by using well-known best practices from such resources as the Center for Internet Security and NIST.
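
One way to check what the greetings of your own SMTP, POP3 and IMAP servers disclose, before and after changing the default banner. This is an added example, not part of the original article; the product list, the function names and the sample banners are assumptions constructed for illustration.

```python
import re
import socket

# Product names to look for: an illustrative list (assumption), extend as needed.
PRODUCTS = ["Postfix", "Exim", "Sendmail", "Microsoft ESMTP", "Exchange",
            "Dovecot", "Courier", "Cyrus", "qmail", "hMailServer"]
# Dotted version such as 4.94.2 (an IP literal in a banner would match too).
VERSION_RE = re.compile(r"\b\d+(?:\.\d+)+\b")
OS_RE = re.compile(r"\b(Ubuntu|Debian|CentOS|Red Hat|Windows|FreeBSD)\b", re.I)

# Constructed sample greetings, not captured from any real server.
SAMPLES = {
    "smtp-default": "220 mail.example.com ESMTP Exim 4.94.2 Tue, 01 Jan 2030 10:00:00 +0000",
    "imap-default": "* OK [CAPABILITY IMAP4rev1 STARTTLS] Dovecot (Ubuntu) ready.",
    "pop3-default": "+OK Dovecot ready.",
    "smtp-changed": "220 mail.example.com ESMTP",
}


def read_banner(host, port, timeout=5.0):
    """Return the greeting line of a server you administer (ports 25, 110, 143)."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        return sock.recv(1024).decode("ascii", "replace").strip()


def audit_banner(banner):
    """List what a greeting line discloses: product, version, operating system."""
    findings = []
    for name in PRODUCTS:
        if re.search(r"\b" + re.escape(name) + r"\b", banner, re.I):
            findings.append("product: " + name)
    version = VERSION_RE.search(banner)
    if version:
        findings.append("version: " + version.group(0))
    os_name = OS_RE.search(banner)
    if os_name:
        findings.append("os: " + os_name.group(1))
    return findings


def audit_samples():
    """Audit every constructed sample; an empty list means nothing was disclosed."""
    return {label: audit_banner(text) for label, text in SAMPLES.items()}


if __name__ == "__main__":
    for label, findings in audit_samples().items():
        print(label, "->", findings or "no product, version or OS disclosed")
```

Pass the output of read_banner() for each of your mail ports to audit_banner(); a changed banner should return an empty list.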
3 Test Firewall Rules to Prevent Network Hacks
As part of your ethical hacking, you can test your firewall rules to make sure they're working as they're supposed to. Breaches in firewalls can easily compromise your best efforts at security. A few tests can verify that your firewall actually does what it says it's doing.
1 Load Netcat on a client machine inside the network.
2 Load Netcat on a testing computer outside the firewall.
3 Enter the Netcat listener command on the client (internal) machine with the port number you're testing.