1/31/2024 0 Comments Mymoney network review![]() I have often been in the situation where I’m investigating something that appears to be either an unexpected leak of information or downright misbehaving software, and I think that I must be overreacting to the evidence I’m seeing. Secondly, don’t second-guess network administrators when they question why a vendor is doing something odd with their software. But using egress filtering comes with a large overhead: businesses often demand that connections and communications with other servers come first and do not take the time and effort to determine what traffic is normal and expected. Too often we fail to use solutions that are built into our existing infrastructure and want to go with vendor solutions. Note that you can use the basic built-in Windows firewall to block traffic. My recommendation in this sort of scenario is twofold: firstly, don’t overlook using egress filtering on a firewall to determine if traffic being sent outbound from your servers is normal. If it took experts in the field months to find that this software was backdoored, can those of us who are not experts expect to find these attackers in our network? The backdoor was ultimately discovered by several of these same investigators when the software was found on their servers. Investigators were brought in to examine the situation, but no one understood the significance until months later. Prior to purchasing the affected software, a trial was installed on sample servers and network administrators appear to have been concerned and questioned when there was unusual traffic from one of the servers. Recent investigations show that the Department of Justice may have been aware of the potential for a breach months before it happened. A case in point is the infamous SolarWinds software attack, which infected up to nine US agencies and many organizations with backdoors into their infrastructure. Too often, they can enter systems to lie in wait and launch attacks at a later time. Attackers love to find weak spots in our domains and networks.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |