Improving Web Application Security: Threats and Countermeasures
| Check | Description |
|---|---|
|
| Latest patches and updates are installed. |
|
| You subscribed to router vendor's security notification service. |
|
| Known vulnerable ports are blocked. |
|
| Ingress and egress filtering is enabled. Incoming and outgoing packets are confirmed as coming from public or internal networks. |
|
| ICMP traffic is screened from the internal network. |
|
| Administration interfaces to the router are enumerated and secured. |
|
| Web- facing administration is disabled. |
|
| Directed broadcast traffic is not received or forwarded. |
|
| Unused services are disabled (for example, TFTP). |
|
| Strong passwords are used. |
|
| Logging is enabled and audited for unusual traffic or patterns. |
|
| Large ping packets are screened. |
|
| Routing Information Protocol (RIP) packets, if used, are blocked at the outermost router. |
Категории