How to Protect Your Network Using these Network Security Procedures and Tips


by Steven Young - Date: 2007-04-14 - Word Count: 528 Share This!

Network security is the new buzz word around town. Most people think a network firewall that is setup with the default will protect their network. The simple fact is no it will not. Not until you are hack will you know this fact. Of course this comes a little too late. All operating systems need ports open in order to communicate information regarding active directory, DNS, DHCP, booting of a computer and more. Some applications need ports open to work. So where do you reach a safe point where your applications work and they are secure. The following will address the working ports and what to be concerned about. Later I will address how to secure it.

Ports to be concerned about are 3389 which is terminal services ports. If you do not have a firewall in place blocking public IP address from forwarding to private IP address using this port then you will want to call a security professional right away. Other ports to be concerned about are 139 which gives access to network shares.

Another area of concern is the SMB or the (Server Message Block) protocol. This protocol is used among other things for file sharing in Windows NT/2000/XP. In Windows NT it ran on top of NetBT (NetBIOS over TCP/IP), which used the famous ports 137, 138 (UDP) and 139 (TCP). In Windows 2000/XP/2003, Microsoft added the possibility to run SMB directly over TCP/IP, without the extra layer of NetBT. For this they use TCP port 445. Again all these ports should remain in the private network and your firewall should block access.

Note: The NETSTAT command will show you whatever ports are open or in use, but it is NOT a port scanning tool! If you want to have your computer scanned for open ports see this page instead (link will follow shortly).

C:>netstat -an |find /i "listening"
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1723 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1026 0.0.0.0:0 LISTENING
TCP 127.0.0.1:4664 0.0.0.0:0 LISTENING
TCP 192.168.50.127:139 0.0.0.0:0 LISTENING
TCP 192.168.100.193:139 0.0.0.0:0 LISTENING

The netstat command will also show you who is active on your computer. This will show you what spyware or trojan horses that may have installed on your machine.

Active Connections

Proto Local Address Foreign Address State
TCP argonas:epmap argonas:0 LISTENING
TCP argonas:microsoft-ds argonas:0 LISTENING
TCP argonas:pptp argonas:0 LISTENING
TCP argonas:3389 argonas:0 LISTENING
TCP argonas:1026 argonas:0 LISTENING
TCP argonas:2617 localhost:2618 ESTABLISHED
TCP argonas:2618 localhost:2617 ESTABLISHED
TCP argonas:2619 localhost:2620 ESTABLISHED
TCP argonas:2620 localhost:2619 ESTABLISHED
TCP argonas:4664 argonas:0 LISTENING
TCP argonas:netbios-ssn argonas:0 LISTENING
TCP argonas:2958 an-in-f104.google.com:http ESTABLISHED
TCP argonas:3011 va-in-f104.google.com:http TIME_WAIT
TCP argonas:3014 eo-in-f147.google.com:http ESTABLISHED
TCP argonas:3081 unknown.xeex.net:http TIME_WAIT
TCP argonas:3104 unknown.xeex.net:http ESTABLISHED
TCP argonas:3903 web1.allaboutsingles.com:http CLOSE_WAIT
TCP argonas:4449 static-71-116-207-166.lsanca.dsl-w.verizon.net:pptp ESTABLISHED
TCP argonas:4762 va-in-f104.google.com:http CLOSE_WAIT
TCP argonas:netbios-ssn argonas:0 LISTENING
TCP argonas:2939 192.168.100.202:1025 ESTABLISHED
TCP argonas:2957 exchange01.intercore.local:1419 ESTABLISHED

Once you have locked down all ports then you must be concerned with internal security. No one in your organization will be allowed to talk to anyone about any secure information. Even giving out there email address. Next use devices like honey pots, barracuda spam appliance, Symantec anti-virus hardware and software. A properly configured network can allow your workers to work and disallow hackers to work.


Related Tags: network security

Intercore has been providing network security consulting for years, even before it was popular. For more information go here Computer Network Security Consultant Los Angeles

Your Article Search Directory : Find in Articles

© The article above is copyrighted by it's author. You're allowed to distribute this work according to the Creative Commons Attribution-NoDerivs license.
 

Recent articles in this category:



Most viewed articles in this category: