Wednesday, May 2, 2012

Secure Perimeter Routers & Disable Services & Logging

Lastly, securing the perimeter routers and disabling services and logging will be the last part I will review for this week!

* This post will be re-edited with table format ASAP

There are several reasons for implementing filtering and mitigation protocols on the perimeter routers. Here are some of them:

  • To prevent DoS or DDoS attacks
  • To prevent IP address spoofing
  • To mitigate SYN attacks

One of the several processes is:

Ingress and Egress Filtering:
  • Ingress filtering makes sure that incoming packets are actually from the networks they claim to be from. For ingress filtering to work, neighbouring networks have to cooperate by providing information on the validity of the packets' origins and on whether the IP matches the route.
  • Egress filtering makes sure that an outgoing packet actually originates from inside the network. This is done by checking whether the IP is present on, or reachable through, the interface or link. When the IP is not reachable or present on the link, the packet is either dropped or an error message is sent to the sender.
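The check described above, written out as an added example (not part of the original post): a strict reverse-path test that forwards a packet only if its source address is routed back through the interface it arrived on, plus a private-address check on the outside interface. The interface names, prefixes and routing table are constructed for illustration.

```python
import ipaddress

# Constructed routing table for a perimeter router (assumed addressing):
# prefix -> interface through which that prefix is reachable.
ROUTES = {
    "192.168.10.0/24": "inside",   # internal LAN
    "203.0.113.0/24": "dmz",       # public servers
    "0.0.0.0/0": "outside",        # default route towards the ISP
}
# Sources that are never valid when arriving from the internet.
BOGONS = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8"]

def lookup_interface(ip, routes=ROUTES):
    """Longest-prefix match: the interface the router would use to reach ip."""
    addr = ipaddress.ip_address(ip)
    best = None
    for prefix, iface in routes.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None

def filter_packet(src_ip, arrival_iface):
    """Return (verdict, reason) for a packet with src_ip seen on arrival_iface."""
    direction = "ingress" if arrival_iface == "outside" else "egress"
    addr = ipaddress.ip_address(src_ip)
    if arrival_iface == "outside" and any(
            addr in ipaddress.ip_network(b) for b in BOGONS):
        return ("drop", "ingress: private or loopback source from the internet")
    if lookup_interface(src_ip) != arrival_iface:
        return ("drop", direction + ": source is not reachable via this interface")
    return ("forward", direction + ": source matches the route")

if __name__ == "__main__":
    samples = [("198.51.100.7", "outside"), ("10.1.2.3", "outside"),
               ("203.0.113.9", "outside"), ("192.168.10.5", "inside"),
               ("198.51.100.99", "inside")]
    for src, iface in samples:
        print(src, iface, filter_packet(src, iface))
```

The `10.1.2.3` sample passes the reverse-path test (the default route points outside) and is caught only by the private-address list, which is why perimeter filters usually combine both checks.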

Common Threats to Router and Switch Physical & Mitigation

Continuing from NAT/PAT! My next review will be on the mitigation of common threats to hardware, specifically routers and switches!

Threat - Methods of Mitigation

Physical/Hardware - Limit physical damage to equipment by:
  • Locking up access to equipment (doors, locking chassis, etc.)
  • Using a windowless room, if appropriate
  • Using security cameras to observe the premises

Environmental - Limit damage to equipment by the environment through the following procedures:
  • Temperature Control - Hardware performs best at low temperature. A cool environment also prevents overheating of any equipment that might result in the failure of service.
  • Humidity Control - A very humid room can cause equipment to malfunction due to the oxidation of certain parts, causing rusting to the degree of extensive damage to the equipment.

Electrical - Limit electrical supply problems by:
  • Installing Uninterruptible Power Supply (UPS) systems
  • Devising and following a preventative maintenance plan
  • Installing redundant power supplies - Redundant power supplies work as the last fail-safe for the electrical supply problem: they kick in when the emergency power supply goes down together with the main supply.

Maintenance - Limit maintenance-related threats by:
  • Organizing and laying cables neatly
  • Labelling all cables and components - Prevents the accidental removal or disconnection of cables critical to a currently working system during maintenance, which would cause service downtime.

After listing all these mitigation methods, it still comes down to the team to implement them properly. After all, most of these threats are due to human error!

Network/Port Address Translation

Continuing from Perimeter Router, Firewall and Internal Routers, let's review our knowledge of NAT (Network Address Translation) and PAT (Port Address Translation)!



Address Translation - Explanation of Usage

Network - Provides many-to-many IP translation.

Works by mapping an internal private IP to an internal global IP (or an IP provided by the service provider).

Internal private IPs are mapped to global IPs temporarily (unless static NAT is configured). A mapping is kept until no more traffic is using the IP, whereupon the router unmaps the IPs and assigns the now-vacant global IP to another private IP that is requesting a connection.

Port - Provides many-to-one IP translation.

Works by mapping an internal private IP to a port of the global IP (or the IP provided by the service provider).

Internal private IPs are mapped to a port of the global IP. A mapping is kept until no more traffic is using the IP, whereupon the router unmaps the IPs and assigns the now-vacant global IP to another private IP that is requesting a connection.

NAT and PAT are two of many solutions employed to ease the gradual decline in the number of available IP addresses. As such, NAT and PAT might become obsolete when IPv6, an improved IP address scheme which is 128 bits long, is adopted, paving the way for an essentially unlimited number of addresses, to the extent where one can say "Unless we find another thousand civilizations out there, addresses can never run out!"
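To make the difference between the two translation tables concrete, here is an added example (not from the original post) that models a dynamic NAT pool and a PAT port table. The class names, addresses and starting port are assumptions chosen for illustration.

```python
class DynamicNat:
    """Many-to-many: each active private IP borrows one global IP from a pool."""
    def __init__(self, pool):
        self.free = list(pool)     # global IPs not currently in use
        self.table = {}            # private IP -> global IP

    def translate(self, private_ip):
        if private_ip not in self.table:
            if not self.free:
                return None        # pool exhausted: no translation possible
            self.table[private_ip] = self.free.pop(0)
        return self.table[private_ip]

    def release(self, private_ip):
        """No more traffic on this mapping: the global IP returns to the pool."""
        self.free.append(self.table.pop(private_ip))


class Pat:
    """Many-to-one: each (private IP, port) flow gets its own port on one global IP."""
    def __init__(self, global_ip, first_port=1024):
        self.global_ip = global_ip
        self.next_port = first_port
        self.out = {}              # (private IP, private port) -> global port
        self.back = {}             # global port -> (private IP, private port)

    def translate(self, private_ip, private_port):
        key = (private_ip, private_port)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return (self.global_ip, self.out[key])

    def reverse(self, global_port):
        """Map a reply on the global IP back to the inside host, or None."""
        return self.back.get(global_port)


if __name__ == "__main__":
    nat = DynamicNat(["203.0.113.10", "203.0.113.11"])
    print([nat.translate(h) for h in ("192.168.10.5", "192.168.10.6", "192.168.10.7")])
    pat = Pat("203.0.113.10")
    print(pat.translate("192.168.10.5", 51000), pat.translate("192.168.10.6", 51000))
    print(pat.reverse(1025), pat.reverse(4000))
```

With a two-address pool the third host gets no translation until an earlier mapping is released, while PAT serves every host from one address and returns `None` for an inbound port that no inside host opened.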

Tuesday, May 1, 2012

Perimeter Router, Firewall and Internal Routers, What a chore!

Hey all, it's the time of the week for a post again!

As per the previous post, I will put everything I can in table form (partly due to the fact that I enjoy creating tables for no apparent reason and also because they look GOOD).

So yeah, let's cut to the chase and review what we have learned for this week:


Peripheral Name - Explanation of Usage

Perimeter Router (Standalone) - To provide protection for an enclosed network from the cloud (general internet).

Protection provided is minimal and is only used to prevent casual attacks from outside of the trusted network.

Internal Router (normally used with a Firewall and Perimeter Router already in place) - To provide connectivity to other parts of the network in the case that the perimeter router is unavailable. (E.g. connection to the corporation's own server in the DMZ is available for connections from the private network, but is not available for connections originating from the cloud (internet).)

Firewall - Used to provide packet screening and directing of packets. Useful in networks with a DMZ and a private network so as to prevent the cloud (internet) from gaining unauthorized access to the network or services.

*Please note that the table above only states the usage of NON-INTEGRATED PERIPHERALS

A small business usually employs only a Perimeter Router, but may also employ a Firewall integrated into a Perimeter Router, a setup which can also be used by medium-sized businesses.

A large or huge corporation will usually make use of either of the two following setups:

Dedicated Perimeter Router and Firewall

Dedicated Perimeter Router, Firewall and Internal Router