Tip

Secure remote access points and configure connections to avoid a hack

Vernon Haberstetzer, Contributing Writer

Hackers love poorly configured remote access points, and why shouldn't they? Many times they represent an open door into a network without having to fuss with firewalls and intrusion detection/prevention systems (IDS/IPS) at the Internet border. Considering the threat that these misconfigured devices pose, all organizations should

    Requires Free Membership to View

secure remote access points and configure remote connections to prevent a hack. The fact is that most networks have remote access points, and most of those access points don't employ adequate security. Remote access points most often come in the form of dialup modem banks and VPN concentrators, and it doesn't take much to discover the phone number or IP address.

Most remote access points require only a static user ID and password to log on to the network. If your remote access point doesn't require strong authentication, you should probably count on the fact that somewhere out there, maybe an employee or vendor, has setup a remote connection to your network with a saved user ID and password. This means your network is available to anyone who opens that connection, including your employee's neighbor whose computer was used to check email a month ago, and that vendor's employee who quit last week and took all his clients' remote access passwords with him.

How to secure remote access and configure remote connections
To remedy this problem, it is best to implement some type of strong authentication, requiring a user ID and a single-use password or biometric. There are a number of vendors that sell remote access keychain tokens, which generate a new single-use passcode every few seconds. Additionally, your suppliers and vendors could be required to call your operations department to obtain a passcode for remote access, thus adding another layer of security when dealing with outsiders. By implementing a strong authentication system, saved passwords for remote connections will no longer represent an information security risk.

Additionally, most remote access points don't inspect the remote computer for viruses or hacking software, and they usually don't watch the network traffic coming from such computers. If a user with a virus-infected PC or a hacker were to remotely log on to your network with such software, the network could be on the receiving end of a server compromise or a virus outbreak. To help prevent a remote connection hack, it is best to have an IDS or IPS sitting inline between your remote access point and your internal network. Such a system should be capable of catching network-based attacks from hackers or hybrid viruses. Some systems will even prevent users from connecting to your network if their antivirus software is not up to date. It is also best to limit the number of ports allowed access into your internal network.

By giving some attention to the authentication process and the traffic coming from remote users, you will greatly reduce the risk of your remote access points being a source of unwelcome company.

About the author
Vernon Haberstetzer, president of security seminar and consulting company i.e.security, has seven years of in-the-trenches security experience in healthcare and retail environments.

 


HACKER ATTACK TECHNIQUES AND TACTICS

  Introduction: Hacker attack tactics
  How to stop hacker theft
  Hacker system fingerprinting, probing
  Using network intrusion detection tools
    Authentication system security weaknesses
  Improve your access request process
  Social engineering hacker attack tactics
  Secure remote access points
  Securing your Web sever
  Wireless security basics
  How to tell if you've been hacked


 

This was first published in February 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.