{"id":374,"date":"2018-01-22T13:29:16","date_gmt":"2018-01-22T13:29:16","guid":{"rendered":"http:\/\/learnlearn.uk\/gcsecs\/?page_id=374"},"modified":"2019-02-07T13:23:36","modified_gmt":"2019-02-07T13:23:36","slug":"network-vulnverabilities","status":"publish","type":"page","link":"https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/","title":{"rendered":"Network Hardening"},"content":{"rendered":"<div class=\"responsive-tabs\">\n<h2 class=\"tabtitle\">Testing<\/h2>\n<div class=\"tabcontent\">\n\n<h3>Penetration Testing<\/h3>\n<p><a href=\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/white-hat-hacker.png\"><img decoding=\"async\" loading=\"lazy\" class=\"alignright size-full wp-image-883\" src=\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/white-hat-hacker.png\" alt=\"\" width=\"225\" height=\"225\" srcset=\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/white-hat-hacker.png 225w, https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/white-hat-hacker-150x150.png 150w\" sizes=\"(max-width: 225px) 100vw, 225px\" \/><\/a><\/p>\n<p>Often the best way to find out if your system is secure and to expose any system vulnerabilities, is to employ a <strong>white hat hacker<\/strong> to try and break into the system. They deploy a number of different tools and techniques to try and access the system. Once a vulnerability has been exposed the system can be patched to fix the problem or the appropriate policy be put in place.<\/p>\n<p>Some companies offer hack bounties to hackers. If you can hack their system and prove it you are rewarded with a <strong>hack bounty<\/strong>, which can often be tens of thousands of pounds.<\/p>\n<p><a href=\"https:\/\/hackerone.com\/security\">Hack Bounty Website<\/a><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n\n<\/div><h2 class=\"tabtitle\">Forensics<\/h2>\n<div class=\"tabcontent\">\n\n<h3>Network Forensics<\/h3>\n<p><a href=\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/network-foresics-oct-gcse-agqa.jpg\"><img decoding=\"async\" loading=\"lazy\" class=\"alignright size-full wp-image-884\" src=\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/network-foresics-oct-gcse-agqa.jpg\" alt=\"\" width=\"267\" height=\"189\" \/><\/a><\/p>\n<ul>\n<li>If an attacker is successful in accessing a network or computer,Network Forensics can be used to find out:<\/li>\n<li>Who the attacker is (through their IPaddress or other information)<\/li>\n<li>How they gained access to the system, so the vulnerability can be fixed<\/li>\n<li>What information they accessed<\/li>\n<li>What their motivates were.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>This can be achieved by looking at access logs, using specialist forensic technologies.<\/p>\n<p>&nbsp;<\/p>\n\n<\/div><h2 class=\"tabtitle\">Policies<\/h2>\n<div class=\"tabcontent\">\n\n<h3>Network Policies<\/h3>\n<p>Secure network policies can be highly effective in reducing successful attacks and mitigating the effects of a successful attack.<\/p>\n<p>Good network policies include:<\/p>\n<ul>\n<li>Forcing users to change their passwords on a regular basis<\/li>\n<li>Forcing users to pick a strong password<\/li>\n<li>Restricting user access only to the files \/ folders they need access to (see User Access Levels)<\/li>\n<li>Regularly monitoring access to check for suspicious activity<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n\n<\/div><h2 class=\"tabtitle\">Antimalware<\/h2>\n<div class=\"tabcontent\">\n\n<h3>Anti-malware Software<\/h3>\n<p><a href=\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/malware.jpg\"><img decoding=\"async\" loading=\"lazy\" class=\"alignright size-medium wp-image-890\" src=\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/malware-300x185.jpg\" alt=\"\" width=\"300\" height=\"185\" srcset=\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/malware-300x185.jpg 300w, https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/malware.jpg 594w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>Malware is software that contains features or extra software that either compromises a system or in some way impairs the user&#8217;s experience.<\/p>\n<p>Examples include:<\/p>\n<ul>\n<li>Installing browser add-ons that redirect web traffic via adverts.<\/li>\n<li>Installing extra software that turns your computer into a bit-coin miner, costly you money in electricity<\/li>\n<li>Installing software that allows governments or organisations to spy on you, tracking you browsing habits.<\/li>\n<\/ul>\n<p>Anti-malware detects, disables or removes harmful software.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n\n<\/div><h2 class=\"tabtitle\">Firewalls<\/h2>\n<div class=\"tabcontent\">\n\n<h3>Firewalls<\/h3>\n<p>Any computer or devie connected to the internet is vulnerable to unauthorised access. In order to reduce the number of attacks a firewall is used to detect incoming and outgoing traffic and destroy suspicious packets that don&#8217;t meet the firewall&#8217;s rules.<\/p>\n<p>These rules often:<\/p>\n<ul>\n<li>Block traffic from known bad IPaddresses (or block and entire range of addresses that originate from certain areas)<\/li>\n<li>Block access to certain ports.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n\n<\/div><h2 class=\"tabtitle\">UAL<\/h2>\n<div class=\"tabcontent\">\n\n<h3>User Access Levels<\/h3>\n<p>An effective way of preventing and containing threats to networks is through the use of User Access Levels.<\/p>\n<p>Each user is given access rights(permissions) to the areas of the network.<\/p>\n<p>Each right is limited to:<\/p>\n<ul>\n<li>read (view files)<\/li>\n<li>write(edit files)<\/li>\n<li>full control(delete\/add files)<\/li>\n<\/ul>\n<p>This means that if an account is compromised, only certain areas and resources are exposed.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n\n<\/div><h2 class=\"tabtitle\">Passwords<\/h2>\n<div class=\"tabcontent\">\n\n<h3>Passwords<\/h3>\n<p><a href=\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/password.jpg\"><img decoding=\"async\" loading=\"lazy\" class=\"alignright size-full wp-image-869\" src=\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/password.jpg\" alt=\"\" width=\"268\" height=\"188\" \/><\/a><\/p>\n<p>Enforcing strong passwords using network policies are an effective way of reducing the possibility of successful network attacks.<\/p>\n<p>Strong passwords:<\/p>\n<ul>\n<li>Mixture of lower and upper case letters.<\/li>\n<li>Include a number<\/li>\n<li>Include the use of characters e.g\u00a0 &#8220;\u00a3$%^&amp;<\/li>\n<li>Make sure that standard words are not used on their own. (dog)<\/li>\n<li>Make sure the password is long enough to prevent a brute force attack.<\/li>\n<li>Change passwords regularly<\/li>\n<li>Use different passwords for different accounts<\/li>\n<li>Don&#8217;t use easy to guess passwords (password123)<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n\n<\/div><h2 class=\"tabtitle\">Encryption<\/h2>\n<div class=\"tabcontent\">\n\n<h3>Encryption<\/h3>\n<p><a href=\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/encryption.png\"><img decoding=\"async\" loading=\"lazy\" class=\"alignright size-full wp-image-888\" src=\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/encryption.png\" alt=\"\" width=\"225\" height=\"225\" srcset=\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/encryption.png 225w, https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/encryption-150x150.png 150w\" sizes=\"(max-width: 225px) 100vw, 225px\" \/><\/a><\/p>\n<p>Data encryption is useful for limiting the possibility of data being assessed when being <strong>stored<\/strong> or<strong> transmitted.<\/strong><\/p>\n<ul>\n<li>A strong encryption method should be used when transmitting (WP2 for wifi).<\/li>\n<li>Hard drives used to store data should be fully encrypted.<\/li>\n<li>Messenging services should use end to end encryption.<\/li>\n<li>Data should only be entered in to sites that use HTTPS \/ SSL encryption<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n\n<\/div><h2 class=\"tabtitle\">Resources<\/h2>\n<div class=\"tabcontent\">\n\n<h3>Resources<\/h3>\n<p><a href=\"https:\/\/drive.google.com\/open?id=1c7CTpJcteXFGMrsc0GQZuRKB6OgJplFA\">Network Threats and Hardening Crossword<\/a><\/p>\n<p><a href=\"https:\/\/create.kahoot.it\/k\/65c2c2ee-c23c-48ef-af2f-e1b35f4c6684\">Network Threats and Hardening Kahoot.it<\/a><\/p>\n<p><a href=\"https:\/\/drive.google.com\/open?id=1DapepDXXp7cP7PIY2j01OHJaSBnHLK_S\">Network Threats and Hardening Flashcards<\/a><\/p>\n<p>(Make sure when you print you choose &#8216;print on both sides&#8217;\u00a0 &#8216;flip on the long edge&#8217;)<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Penetration Testing Often the best way to find out if your system is secure and to expose any system vulnerabilities, is to employ a white hat hacker to try and break into the system. They deploy a number of different tools and techniques to try and access the system. Once a vulnerability has been exposed&hellip;&nbsp;<a href=\"https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/\" class=\"\" rel=\"bookmark\">Read More &raquo;<span class=\"screen-reader-text\">Network Hardening<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":70,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":""},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Network Hardening - GCSE Computer Science Theory<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Network Hardening - GCSE Computer Science Theory\" \/>\n<meta property=\"og:description\" content=\"Penetration Testing Often the best way to find out if your system is secure and to expose any system vulnerabilities, is to employ a white hat hacker to try and break into the system. They deploy a number of different tools and techniques to try and access the system. Once a vulnerability has been exposed&hellip;&nbsp;Read More &raquo;Network Hardening\" \/>\n<meta property=\"og:url\" content=\"https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/\" \/>\n<meta property=\"og:site_name\" content=\"GCSE Computer Science Theory\" \/>\n<meta property=\"article:modified_time\" content=\"2019-02-07T13:23:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/white-hat-hacker.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/\",\"url\":\"https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/\",\"name\":\"Network Hardening - GCSE Computer Science Theory\",\"isPartOf\":{\"@id\":\"https:\/\/learnlearn.uk\/gcsecs\/#website\"},\"datePublished\":\"2018-01-22T13:29:16+00:00\",\"dateModified\":\"2019-02-07T13:23:36+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"OCR GCSE Computer Science Home\",\"item\":\"https:\/\/learnlearn.uk\/gcsecs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Network Hardening\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/learnlearn.uk\/gcsecs\/#website\",\"url\":\"https:\/\/learnlearn.uk\/gcsecs\/\",\"name\":\"GCSE Computer Science Theory\",\"description\":\"Just another My Blog site\",\"publisher\":{\"@id\":\"https:\/\/learnlearn.uk\/gcsecs\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/learnlearn.uk\/gcsecs\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/learnlearn.uk\/gcsecs\/#organization\",\"name\":\"GCSE Computer Science Theory\",\"url\":\"https:\/\/learnlearn.uk\/gcsecs\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/learnlearn.uk\/gcsecs\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2019\/02\/LearnLearnLogowhite.png\",\"contentUrl\":\"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2019\/02\/LearnLearnLogowhite.png\",\"width\":710,\"height\":98,\"caption\":\"GCSE Computer Science Theory\"},\"image\":{\"@id\":\"https:\/\/learnlearn.uk\/gcsecs\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Network Hardening - GCSE Computer Science Theory","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/","og_locale":"en_GB","og_type":"article","og_title":"Network Hardening - GCSE Computer Science Theory","og_description":"Penetration Testing Often the best way to find out if your system is secure and to expose any system vulnerabilities, is to employ a white hat hacker to try and break into the system. They deploy a number of different tools and techniques to try and access the system. Once a vulnerability has been exposed&hellip;&nbsp;Read More &raquo;Network Hardening","og_url":"https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/","og_site_name":"GCSE Computer Science Theory","article_modified_time":"2019-02-07T13:23:36+00:00","og_image":[{"url":"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2018\/01\/white-hat-hacker.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Estimated reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/","url":"https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/","name":"Network Hardening - GCSE Computer Science Theory","isPartOf":{"@id":"https:\/\/learnlearn.uk\/gcsecs\/#website"},"datePublished":"2018-01-22T13:29:16+00:00","dateModified":"2019-02-07T13:23:36+00:00","breadcrumb":{"@id":"https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/learnlearn.uk\/gcsecs\/network-vulnverabilities\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"OCR GCSE Computer Science Home","item":"https:\/\/learnlearn.uk\/gcsecs\/"},{"@type":"ListItem","position":2,"name":"Network Hardening"}]},{"@type":"WebSite","@id":"https:\/\/learnlearn.uk\/gcsecs\/#website","url":"https:\/\/learnlearn.uk\/gcsecs\/","name":"GCSE Computer Science Theory","description":"Just another My Blog site","publisher":{"@id":"https:\/\/learnlearn.uk\/gcsecs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/learnlearn.uk\/gcsecs\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"https:\/\/learnlearn.uk\/gcsecs\/#organization","name":"GCSE Computer Science Theory","url":"https:\/\/learnlearn.uk\/gcsecs\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/learnlearn.uk\/gcsecs\/#\/schema\/logo\/image\/","url":"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2019\/02\/LearnLearnLogowhite.png","contentUrl":"https:\/\/learnlearn.uk\/gcsecs\/wp-content\/uploads\/sites\/8\/2019\/02\/LearnLearnLogowhite.png","width":710,"height":98,"caption":"GCSE Computer Science Theory"},"image":{"@id":"https:\/\/learnlearn.uk\/gcsecs\/#\/schema\/logo\/image\/"}}]}},"rttpg_featured_image_url":null,"rttpg_author":{"display_name":"learnlearnadmin","author_link":"https:\/\/learnlearn.uk\/gcsecs\/author\/learnlearnadmin\/"},"rttpg_comment":0,"rttpg_category":null,"rttpg_excerpt":"Penetration Testing Often the best way to find out if your system is secure and to expose any system vulnerabilities, is to employ a white hat hacker to try and break into the system. They deploy a number of different tools and techniques to try and access the system. Once a vulnerability has been exposed&hellip;&nbsp;Read&hellip;","_links":{"self":[{"href":"https:\/\/learnlearn.uk\/gcsecs\/wp-json\/wp\/v2\/pages\/374"}],"collection":[{"href":"https:\/\/learnlearn.uk\/gcsecs\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/learnlearn.uk\/gcsecs\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/learnlearn.uk\/gcsecs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/learnlearn.uk\/gcsecs\/wp-json\/wp\/v2\/comments?post=374"}],"version-history":[{"count":12,"href":"https:\/\/learnlearn.uk\/gcsecs\/wp-json\/wp\/v2\/pages\/374\/revisions"}],"predecessor-version":[{"id":915,"href":"https:\/\/learnlearn.uk\/gcsecs\/wp-json\/wp\/v2\/pages\/374\/revisions\/915"}],"wp:attachment":[{"href":"https:\/\/learnlearn.uk\/gcsecs\/wp-json\/wp\/v2\/media?parent=374"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}