10 crazy IT security tricks that actually work

IT security threats are constantly evolving. It's time for IT security pros to get ingenious

By Roger A. Grimes, InfoWorld |  Security

Innovative security technique No. 3: Honeypots

Modern computer honeypots have been around since the days of Clifford Stoll's "The Cuckoo's Egg," and they still
aren't as respected or as widely adopted as they deserve. A honeypot is any computer asset that is set up solely to be
attacked. Honeypots have no production value. They sit and wait, and they are monitored. When a hacker or malware
touches them, they send an alert to an admin so that the touch can be investigated. They provide low noise and high
value.

The shops that use honeypots get notified quickly of active attacks. In fact, nothing beats a honeypot for early
warning -- except for a bunch of honeypots, called a honeynet. Still, colleagues and customers are typically
incredulous when I bring up honeypots. My response is always the same: Spend a day spinning one up and tell me how
you feel about honeypots a month later. Sometimes the best thing you can do is to try one.
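
A minimal low-interaction honeypot in that spirit, as an added example that is not from the original article: a TCP listener with no production role that records every connection as an alert. The bind address, port 2222, and the alert field names are assumptions chosen for illustration.

```python
import json
import socketserver
import threading
import time

ALERTS = []                      # in-memory sink; forward to your SIEM or pager in practice
_LOCK = threading.Lock()

class TouchHandler(socketserver.BaseRequestHandler):
    """Any connection is suspicious: the listener has no production use."""

    def handle(self):
        self.request.settimeout(2.0)          # never let a silent client hold a thread
        try:
            data = self.request.recv(256)     # keep only the first bytes, send nothing back
        except OSError:                       # timeout or reset still counts as a touch
            data = b""
        alert = {
            "ts": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
            "event": "honeypot_touch",
            "src_ip": self.client_address[0],
            "src_port": self.client_address[1],
            "dst_port": self.server.server_address[1],
            "first_bytes_hex": data.hex(),
        }
        with _LOCK:
            ALERTS.append(alert)
        print(json.dumps(alert), flush=True)  # one JSON line per touch for log shippers

class Honeypot(socketserver.ThreadingTCPServer):
    allow_reuse_address = True
    daemon_threads = True

def start_honeypot(host="127.0.0.1", port=0):
    """Start the listener in a background thread; port 0 picks a free port."""
    server = Honeypot((host, port), TouchHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

if __name__ == "__main__":
    srv = start_honeypot("0.0.0.0", 2222)     # 2222 is a constructed example port
    print("listening on", srv.server_address, flush=True)
    threading.Event().wait()                  # block until interrupted
```

Because nothing legitimate should ever connect, every line it prints is worth investigating, which is where the low noise comes from.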

Innovative security technique No. 4: Using nondefault ports

Another technique for minimizing security risk is to install services on nondefault ports. Like renaming privileged
accounts, this security-by-obscurity tactic goes gangbusters. When zero-day, remote buffer overflow threats become
weaponized by worms, computer viruses, and so on, they always -- and only -- go for the default ports. This is the
case for SQL injection surfers, HTTP worms, SSH discoverers, and any other common remote advertising port.

Recently Symantec's pcAnywhere and Microsoft's Remote Desktop Protocol suffered remote exploits. When these exploits
became weaponized, it was a race against the clock for defenders to apply patches or block the ports before the worms
could arrive. If either service had been running on a nondefault port, the race wouldn't even begin. That's because in
the history of automated malware, malware has only ever tried the default port.


Originally published on InfoWorld.