Because most individuals are going to have to work remotely from home, the activity that should be scrutinized over the coming weeks would be ports associated with VPN like OpenVPN (1194) or SSL VPN (TCP/UDP 443, IPsec/IKEv2 UDP 500/4500) with their associated logs to ensure these services are accessed by the right individuals and are not abused, exploited or compromised. It will be very important the VPN service is patched and up-to-date because there will be way more scrutiny (scanning) against these services. Capturing metrics about performance and availability will be very important to ensure mission critical systems and applications can be accessed to avoid downtime. Some difficult questions will need to be answers: How many concurrent users can login at the same time?
What are the alternative? [1] https://www.dshield.org/forums/diary/Network+Security+Perspective+on+Coronavirus+Preparedness/25750 ----------- |
Guy 523 Posts ISC Handler Mar 15th 2020 |
Thread locked Subscribe |
Mar 15th 2020 2 years ago |
Some additional website to check:
From SANS Security Awareness: sans.org/security-awareness-training/… From US-CERT on Enterprise VPN Security: us-cert.gov/ncas/alerts/… |
Guy 523 Posts ISC Handler |
Quote |
Mar 16th 2020 2 years ago |
I ran into trouble with session affinity not being respected because of UDP vs TCP, so if you're doing online conferencing then switch to TCP to ensure your sessions don't break.
Also be careful mixing VPNs simultaneously in case VPN A's addressing overlaps with VPN B's etc.. If you're an expert user, then boost performance/UX/privacy by running your own recursive DNS server locally like Unbound over DoT/DoH. HTH. |
esdaniel 1 Posts |
Quote |
Mar 16th 2020 2 years ago |
I am very thankful for such a wonderful article.
It's very interesting to read and easy to understand. Thanks for sharing. We also provide the best yahoo customer support services. <a href="https://bit.ly/2TlVK0Q"> Contact Yahoo Support</a> |
Anonymous |
Quote |
Mar 17th 2020 2 years ago |
Sign Up for Free or Log In to start participating in the conversation!