In today’s computing marketplace, it pays to be paranoid. At a recent conference, “ethical hackers” and other networking security professionals showcased some of the latest techniques used by criminals to bypass password blocks and hard drive encryption. The phrase “ethical hacker” bubbled up into the public consciousness after programmers started to use the same techniques as criminals to penetrate secure networks and encrypted servers. Approaching a system in the same way a hacker would often exposes unexpected holes in security. Vulnerability testing usually requires a system administrator to hide a special file on a corporate server. Network security professionals that successfully locate and decrypt the hidden
file can show system administrators the steps they took, allowing administrators to patch their virtual armor.
In many cases, outside network security consultants can do a much better job of vulnerability testing than in-house personnel. Because internal employees share assumptions about network security protocols, they may be unable to effectively push the limits of a system. Employees might even be embarrassed to recognize threats, for fear of earning poor evaluations. Hiring outside contractors to perform vulnerability testing recreates the experience of having live hackers try to bring down a system.
Intrusion Detection Tops Networking Security Threats
A decade ago, companies rarely had to worry about network intrusion. The equipment necessary to penetrate a company’s systems was relatively rare, and intrusion could often be detected easily. With today’s always-on internet culture, system administrators have a far tougher job maintaining network integrity. Legions of “bots” – hacked personal computers under the remote control of criminals – can overwhelm a typical office server with a single command. Leeching off the internet connections of unsuspecting victims, bots can work around many older network intrusion systems by making access requests from multiple IP addresses.
Newer networking security systems look beyond the source of potential attacks to distinguish real
network traffic from malicious hacking attempts. Adding a firewall with integrated intrusion detection can take a lot of the burden off of critical business servers. When combined with a rigorous vulnerability testing program, this networking security strategy can anticipate the next moves of hackers before they have a chance to destroy a company’s relationships and reputation.