Your Company’s Firewall Security is Vulnerable to Hacking

Written By Les Williams

SHARE ON:

One of the great intrigues in security management is the modus operandi of criminal hackers. Many organizations believe they are too small a target for hackers to attack. Earlier, cyber criminals may have agreed with that assessment, but that perspective is rapidly changing in this cyber world. Today, hackers view an individual or organization’s data as an attractive and luscious low-hanging fruit. Without the need to get past sophisticated corporate firewalls, or circumvent multiple security protocols, the idea of penetrating your personal computer’s almost non-existent defenses becomes very attractive.

If you aren’t aware of how hackers can attack you, how can you protect yourself from them? If hackers gain access to your system, a series of scary scenarios can take place. They use sophisticated and accurate methods to hold data hostage, indulge in identity theft, and even launch attacks on other networks via your computer. The best-known way to combat these cyber criminals is to understand how they carry out their attacks.

This blog post intends to show you how attackers can take advantage of your mistakes, and help you avoid the common pitfalls that these criminals exploit. Prepare to be enlightened.

Fix the firewall security vulnerabilities in your security network before hackers get to it.

There are two types of firewall security usually available in the market – application gateways and packet filtering gateways. Application gateways are proxies and cause computational problems in computers because of its heavy CPU usage. Therefore, packet-filtering devices are more preferred on busy networks. However, some sellers are trying to blend these two binding characteristics of the firewall into one.

Installing a firewall security into a gateway is not a permanent solution to your security needs. Every firewall that is available in the market today is prone to attacks – as is evident by the growing cyber attacks year on year. If you misconfigure or not maintain a firewall properly, it makes an easy way in for hackers.

You can test the security vulnerabilities in your applications from any of the available tools. Firewall protection acts as an impediment in infiltrating computer networks. If an expert firewall administrator configures a firewall, it does not respond to Internet Control Message Protocol (ICMP) echo requests to keep it safe from being hacked.

CIRCUMVENTING THE HACKING SAFEGUARD TOOLS

Firewalk

It is a utility tool, written by Mike Schiffman. It finds open ports on firewall – the filtering device. It functions by evaluating a live system behind a firewall and discovers the permitted services and open ports on that firewall, without touching the system.

Firewalk also maps the remote network behind the firewall. A hacker can create an accurate topology of the network behind the firewall by sending packets to every host behind the firewall.

The firewalk scan functions by diffusing Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) packets with an IP Time-to-Live (TTL) evaluated to expire just one step past the firewall. If the filtering device permits the traffic in, it will carry the packets to target, where the TTL will become zero, and the target will extract a TTL exceeded on transit back to the attacker. If the filtering device impedes the traffic from entering in, then we will be unable to see any packet back, which implies the port is closed. Some firewalls understand that the packet will expire when they reach the target host before the Access Control List (ACL) rules are applied. They extract an ICMP TTL expired packet back to the hacker, which leads to false-positives.

H-Pinging

This tool is primarily a TCP ping utility, with some extra functionality. It permits the user to explore some options of the TCP packet that may allow it to penetrate through some filtering devices even if it is blocked and report the packets it retrieves. By using the ‘p’ switch, a fixed destination port can be set – as in the case of traceroute – that can penetrate the firewall. We can fragment TCP packets too, but it is primarily a TCP ping sweeping utility.

Moreover, the filtering devices sometimes cannot handle fragmented packets and allow them in, making the mapping of the network behind the filtering device a cakewalk.

Related Post: Cyber Security Infographic

Stateless Firewalls & Source Port Scanning

You cannot use this method with stateful filtering devices; it only applies to filtering devices that do not keep the state of traffic. If you send a packet to the source port 20 in FTP – the default data port – you can map the network by checking the system behind the firewall. If the port is open, then it means two things: (1) the probed system is running behind the firewall (this is useful for network mapping), and (2) FW ACL does not block TCP 139 port, which becomes a good starting point for hacking Windows-based systems. 

Rootkit

A rootkit is not a malware, unlike a virus or Trojan. It is something much more harmful: a critical segment of code injected into your computer system, designed to conceal any unauthorized activity taking place. As rootkits give administrative control to the attacker, your computer can be used without your knowledge and restrictions.

A rootkit can attack and replace essential OS files, enabling it to conceal or disguise itself and other malware. Once a rootkit has hidden deep within your system, it can cover an intruder’s tracks (by altering system logs), make evidence of malicious processes running in the background invisible, conceal all types of files, and open a port to create a backdoor.

Some rootkits are designed to infect a computer’s BIOS, which is a kind of firmware that initializes the hardware when your computer is turned on. When rootkits penetrate your BIOS, it nullifies even the OS re-installation or disk replacement strategy to neutralize the rootkit infection.

PENETRATING YOUR FIREWALL SECURITY IS EASY

By luring victims to an unsafe link, the hacker can virtually access any program on their machine, even if it’s behind routers that automatically block it from the outside world. This test was conducted on a Belkin N1 Vision Wireless Router – a few other devices were also found to be similarly vulnerable.

A hacker can penetrate your firewall/router and connect to a particular port, although the firewall should have never forwarded that port. Visiting a simple web page without requiring any authentication, XSS, or user input, can easily circumvent your security.

A hacker conducted an experiment through a proof-of-concept page, which forced the visitor to submit a hidden form on the standard port for Internet relay chat. By using a hidden value, the form secretly forces the victim to establish a direct client-to-client (DCC) connection. Vulnerable routers will automatically forward DCC traffic to the victim’s internal system. Using the NAT traversal, an attacker can access any port that’s open on the local system.

To allow a hack, the visitor must have an application such as a file transfer protocol (FTP) or a session initiation protocol running on his/her machine. Although the hack doesn’t ensure that hackers will be able to compromise that service, it gives them the ability to probe in the hope of finding a weak password or a vulnerability that will expose data or system resources. Most people have a kind of false sense of security that no one can connect to their ports when they are behind their router.

Attackers having admin privileges on Linux/Windows systems can create havoc with the hardware firewall between the attacker and the server, and use the same ports for backdoor communication, as it is allowed by the firewall. The attacker must first exploit the server, and only then can he penetrate the firewall.

Some of the tools used by hackers – criminal or ethical – are designed to probe the vulnerabilities of a network. Tools that are used to hack a network can go wrong; they can break a system or an entire network, or have other unforeseen consequences.

One of the biggest mistakes a security administrator can commit is to presume all is well. Security consultants may usually claim that your network is secure, but it doesn’t mean that it completely is; it only means that they were unable to penetrate it or break it, someone might be able to accomplish it.

Today, most networks are built on the eggshell principle – it is hard from the outside but soft on the inside. Hence, if an attacker can gain access onto the network, the rest of the network will usually crash like ninepins. Once the hacker gets in, the most difficult part is to identify what to attack next and where to go for the critical enterprise data.

However, with advanced and relevant techniques, you can achieve two key objectives:

  1. To make it tough to gain foothold on the corporate network, in the first place, and
  2. To make it almost impossible to use that foothold to get anywhere else on the network.

HOW TO PROTECT YOURSELF

It is almost next-to-impossible to make your-your completely hack-proof or impenetrable to a cyber attack. However, the harder you make it for hackers to penetrate your system, the less likely they are to devote the time and effort to hack it. The following is a brief list of steps you should take to keep your network safe from almost all kind of security threats or cyber attacks.

  1. Install & Regularly Update Your Antivirus Software: If your antivirus software can allow you surf the web safely or protect your online identity, turn these options on.
  2. Secure Your Network: Ensure your network is protected by a strong alphanumeric and special character password, and be sure to set up a firewall to avert intruders. Many routers come with pre-installed firewalls.
  3. Upgrade Your Software Constantly: This will fix most of your security issues. You must also regularly update your OS and web browser.
  4. Download Only From Trusted Sources: Even when you are downloading something from a trusted source, the security might be compromised if the site administrator has not installed proper security measures in place.
  5. Be Alert With Email Attachments: Hackers just love to target the email attachments. Be cautious on what you click, even if you think the email is from the government or your bank.
  6. Never Visit Doubtful Sites: If you’re unsure about the security of a website, cross-check it first with online site checking services such as Norton Safe Web.
  7. Maintain Your Passwords: Create passwords that are difficult to guess, change them regularly, and never use the same passwords for multiple sites.
  8. Turn Off Your Computer: When your computer is not in use for extended periods of time, turn it off. This step is a surefire way to protect your system against any invasion or attack.

THE TAKEAWAY

Enterprise security is of great significance in today’s world, as organizations fully understand how inadequate measures can hamper their day-to-day operations. The single best thing that you can do to keep the hackers out of your network is to educate yourself, understand the security setting of the software and operating system you use, and exercise extreme caution when you are online.

To protect your business assets from cyber-attacks, you must have a thorough knowledge of the first indications of a security breach. Our tailored Managed Security Services offer proactive and systematized security monitoring and analysis methods to discover signs of penetration in network traffic and security logs, which help you stay vigilant of attacks. We identify and close gaps, weaknesses, and areas of vulnerability across your network infrastructure. A healthy dose of mistrust and caution when surfing the uncharted waters of the web will do you and your business a world of good.

PREVIOUS ARTICLE

Internet of Things (IoT) Trivia

NEXT ARTICLE

Internet of Things (IoT) Trivia 2

About the author Les Williams

Les Williams is the Chief Marketing Officer at ExterNetworks. Les evolves and manages innovative marketing strategies to drive growth for the organization. He has in-depth knowledge about IT services, and knows how to align branding activities to attain IT business objectives.