3种简单的方法，使您的Windows网络更难破解

再次问好。这是苏珊布拉德利为CSO在线。今天，我们将谈论一些并不新的技术。他们已经存在了很长时间，可能不是你的性感或任何你去的东西，哎呀。它们是验证和真实的东西，尤其是基于域的网络。但显然，我们仍然没有这样做，因为我们仍然在新闻中有漏洞和利用漏洞，我们不是吗？正如你众多人所知道的那样，FTC在他们的安全漏洞中解决了Equifax，并且有一个有趣的博文出来，谈到了他们未能做的一些基础知识。这实际上非常令人惊讶。同样，它们不是性感的技术：补丁或软件段为入侵者进行网络监视器，但是当您没有基础时。这就是我们拥有大问题的地方。 And I'd add one more, making sure you have a good backup, especially when it comes to ransomware. So here we go again with a another session of how to not be low hanging fruit. So here's some lessons learned from Equifax. Make sure that employees follow up on patching processes. Make sure that you check to see if a patch is needed. Make sure your automated scanners are actually doing what they're supposed to do. Make sure you segment your network to limit how much sensitive data an attacker can steal. Make sure you store admin credentials and passwords in proper locations. Don't do them in plain text files. Make sure you update security certificates and make sure you detect intrusions on even legacy systems. As we start 2020, take a step back and look at your network. See if there are places where you're putting data that shouldn't be there. Look at the kinds of data you have on your network. There's typically four levels, public data that anyone can have access to internal data, data that should not have public disclosure, sensitive internal turned data and the highest of all highly sensitive corporate employing customer data. And depending on where those are located, you may need to redo how your network is segmented. The Center for Internet Security goes on and indicates that one should segment that network based on labels or classification levels of the information stored in the servers, locate all sensitive information on separated V lands with firewall filtering to ensure only those authorized individuals are only able to communicate with systems necessary to fulfill their specific responsibilities. How many of you are ready to do that? On old fashioned workstations and servers that are in your corporate network, look to see how well you're using the plain old Windows firewall. Again, this is not new. You don't have to go out and buy anything new. It's the plain old Windows firewall that you already have in your systems. But are you using it as best as you can? On a sample Windows workstation, go ahead and open up the Windows firewall and you can look at all of the different applications that have built rules in your firewall. Kind of gets a little scary sometimes, especially if you have to stop and go. What application actually built that rule? Something as simple as blocking RCP Port TCP Port 135 and SMB Port TCP port 445 can help a great deal to stop the lateral movement of attackers inside your network. Now, you may not be able to block, especially the SMB ports. You may have to test and see if you can do this, but see if you can especially for sensitive transmission of data. RDP is being used quite a bit in attacks inside of networks. And what you might want to do is see if you can do limits on remote desktop. So go into the properties. And enable what's called IPsec. Allow the connection if it's secure and you can customize this and make the setting and then go into remote users or remote computers and see if you can set that for specific users. So instead of opening it up to everybody, put specific users inside the domain that have access to that system. Again, you may not be able to do that everywhere. But again, segment your network. Think about how attackers come in and how they can use the different ports to come in. Limit access as best as you can and use the windows firewall that you already have in your system to build more rules. Obviously document this as well. But please, if you're in the year 2020 and you're still disabling the Windows firewall, I hope you're not doing that. I hope you're taking the time to look to see what applications have built ports and firewalls and see if you can lock them down better. And as we start 2020, don't forget to sign in to Tech talk from IDG with lots of tips on Windows and Linux and all sorts of news for the tech of the day. Again, this is Susan Bradley for CSOnline. Thank you again.