It is definitely a must that networks be secured using some kind of security policy and parameters. The perimeter routers must be secured to ensure that corporate LAN resources are protected from the outside world.
Ingress filtering blocks packets from outside the network but containing a source address from inside the network. This helps in preventing any spoofed IP address from entering the network.
Egress filtering blocks packets from inside the network but containing a source address from outside the network. This helps in preventing any user within the network from launching any IP spoofing attacks against external machines.
Perimeter router is a router which is used to provide a connection to the untrusted network also known as the internet. It is also used to provide a local area network (LAN) connection among the trusted network which is the internal network inside the organisation. Thus, to secure the perimeter routers, we can manage the router by logging, disabling of service, software maintenance or configuration maintenance.
A way on how disabling of service works would be a hacker can use these services to his advantage by gathering information about your router, executing a denial of service (DoS) attack, or attempting to gain unauthorized access. Therefore, you need to disable all of the services on your perimeter router that you are not using or that are necessary.
Logging works in many kinds of ways. One good way of doing it would be setting a log severity level. The severity levels can be sued in the form of "more serious to less serious". Level 0 to the highest level would be ranging from the most serious at level 0 to the highest level for the least serious.
No comments:
Post a Comment