Security! Counterattack, now!


A countermeasure is “an action taken to counteract a danger or a threat.” Pretty simple concept, right? Defending ourselves from bad people and attacking them back, is that it? Well, yes and no at the same time. Security countermeasures are all the actions, procedures and techniques that can reduce a threat or an attack, either by preventing it or by eliminating it once it has already happened; even reducing its effect can be seen as a countermeasure. So yes, it means protecting yourself, but by all means: everything you can do in order to minimize the damage.

So what are some security recommendations that might be useful to prevent attacks? I would tell you to start by regaining control of your modem/wireless router! This is a short example of what security countermeasures look like, focused on a router, but you should do the same for every element in your system. Consider the following list of things you can do with your personal wireless router in order to increase security on the network.

  • Change the defaults (user and password, using a strong password)
  • Change the default SSID (it gives away the modem's model information)
  • Enable WEP encryption (at least, though WPA-PSK is much better)
  • Do not access your router remotely (use SSH instead; the embedded web server in the router might be a dangerous choice)
  • Log out after any significant configuration
  • Enable MAC filtering
  • Use a firewall
  • Turn off the network when not in use
  • Keep your router's firmware updated; this will install the latest patches and increase security


OK, we get the concept. Now for the most important question in this blog: how will I protect everything else? I found this really cool post from Adrian Lance, linked right here. He talks about this topic in particular, but what I liked the most was that he named various techniques that can be implemented in almost any kind of system, which I’ll name and explain now.

  • Encryption.
    We think that this is one of the most important and simple techniques to have in a system. Keeping all the sensitive data hidden from attackers will prevent unwanted inspection and a lot of common threats. There are a great number of services that help us developers easily implement encryption in our services.
  • Privilege management.
    Having levels of access in a system is very useful and important. Privileges allow us to have data integrity and confidentiality assurance.
  • SQL injection prevention.
    One of the most common attacks is SQL injection. Curiously, it is also one of the easiest attacks to prevent. Depending on the database service you’re using, queries will be read differently, but it’s worth taking a couple of minutes to read about string and entry recognition so that you can prevent this kind of attack in your forms or websites.
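To make the SQL injection point concrete, here is an added example (not from this post or from Adrian's) using Python's standard sqlite3 module: the same form lookup built by string concatenation and with a bound parameter, plus an entry check as a second layer. The table, rows, function names, allow-list pattern and inputs are all constructed for illustration.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data, in memory only.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, email TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "alice@example.test"), ("bob", "bob@example.test")])
    return db

def find_user_unsafe(db, name):
    # Vulnerable: the form value is pasted into the SQL text, so a quote
    # character in it is parsed as SQL syntax instead of as data.
    query = "SELECT name, email FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def find_user_safe(db, name):
    # Hardened: the ? placeholder binds the value separately from the SQL
    # text, so it is always compared as one string.
    query = "SELECT name, email FROM users WHERE name = ?"
    return db.execute(query, (name,)).fetchall()

# Hypothetical allow-list for this form field: 1 to 32 letters, digits, _ . -
NAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")

def is_valid_name(name):
    # Entry validation as a second layer; it does not replace binding.
    return NAME_RE.fullmatch(name) is not None

def compare(db, name):
    # Run both lookups on the same input and report what each returns.
    try:
        unsafe = find_user_unsafe(db, name)
    except sqlite3.Error as exc:
        unsafe = "error: " + type(exc).__name__
    return {"valid": is_valid_name(name), "unsafe": unsafe,
            "safe": find_user_safe(db, name)}

if __name__ == "__main__":
    db = make_db()
    # Constructed form inputs: a normal name, a quote that rewrites the
    # WHERE clause, and a surname with an apostrophe.
    for value in ["alice", "' OR '1'='1", "o'brien"]:
        print(repr(value), compare(db, value))
```

The concatenated query returns every row for the second input and fails with a syntax error for the third, while the bound query treats both as ordinary strings that match no user.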


These were the three points that I found most interesting in Adrian’s blog. That doesn’t mean they are the only things we should defend against. What we learned is that the most important thing, in order to protect ourselves, is to follow simple security practices from the beginning, such as keeping our system updated and doing some research before hardcoding or implementing a new feature in our system.

This blog post was written in collaboration with Kim. Love to her all the way from here. Go ahead and give her some love on her blog! I’ll link it here.
