How to hide system information from network scanning software

BROWSE BY TAG Network Security,   Network Intrusion Detection and Analysis,   Enterprise Network Security,   Monitoring Network Traffic and Network Forensics,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Security How to set up a split-tunnel VPN in Windows Vista What is the difference between static and dynamic network validation? Port scan attack prevention best practices Securing the intranet with remote access VPN security How to prevent network sniffing and eavesdropping How to implement virtual firewalls in a complex network infrastructure How to manage network bandwidth with distributed ISP bandwidth How to edit group policy objects to give a user local admin rights How to prevent operating system cloning with AES 256-bit encryption How to securely connect a LAN POS to a remote point-of-sale device Monitoring Network Traffic and Network Forensics Preventing SQL injection attacks: A network admin's perspective Breach prevention: How to keep track of data and applications Researchers find thousands of flawed embedded devices Network traffic collection, analysis helps prevent data breaches Lifecycle of a network security vulnerability Port scan attack prevention best practices How to prevent network sniffing and eavesdropping DoD urges less network anonymity, more PKI use Chained Exploits: How to prevent phishing attacks from corporate spies PCI compliance requirement 10: Auditing

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bridge  (SearchSecurity.com) computer forensics  (SearchSecurity.com) Einstein  (SearchSecurity.com) footprinting  (SearchSecurity.com) information signature  (SearchSecurity.com) inverse mapping  (SearchSecurity.com) network behavior analysis  (SearchSecurity.com) network forensics  (SearchSecurity.com) promiscuous mode  (SearchSecurity.com) snoop server  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

The absolute best way to hide your system from the probing eyes of network scanners is to install a properly configured software firewall. If the scanners in question are on a remote network, use a network firewall to also block inbound connections. Once installed, configure those defenses to block all unnecessary traffic from reaching your system. On a typical user workstation, simply set the firewall to "Don't allow exceptions," which will completely conceal it from inbound access attempts. With a server that must allow inbound connections, create firewall rules that limit that traffic to the greatest possible extent.

The easiest way to hide system names and IP addresses from external scanners is to use Network Address Translation (NAT) on your network. NAT devices (usually border firewalls) allow you to use private addresses on your internal network and public addresses on your external one. Unless a NAT rule is specifically enabled, such configuration prevents anyone on the Internet from reaching systems that use private addresses.

When using NAT, it's a matter of best practice to use RFC 1918-reserved private address ranges. These include the 10.0.0.0-10.255.255.255, 172.16.0.0-172.31.255.255, and 192.168.0.0-192.168.255.255 address ranges. These addresses are not routable over the Internet, and they can protect you from firewall mis-configurations.

More information:

• A SearchSecurity.com reader asks whether firewalls alone can block port-scanning activity.
• Is it ever a good idea to put a firewall before a router?