A new type of protection against cyber attacks!

Started by goppog4334, Jul 04, 2022, 05:13 PM

Previous topic - Next topic

goppog4334Topic starter

I heard from a friend that DDoS protection has been released and it can be purchased for a fee! They save you from many types of cyber attacks.


I would like more information on this protection against cyber attacks. What is it called and how can I buy it online? I'd like to know about the price too...



An interesting offer, but how profitable is it? Have you already learned something for yourself? Since DDoS protection is quite expensive nowadays, and if you get to a low-quality manufacturer, you can do harm.


To prevent the interception of domain name management, it is recommended to keep up-to-date electronic contact addresses. It is also necessary to make sure that unauthorized persons do not have access to the contact mailbox. In order to avoid problems associated with non-receipt of information about the status of services, all information entered in the "e-mail" field of the questionnaire must be reliable.


Technical means of protection
The use of DDoS protection as necessary, the introduction of WAF and the use of vulnerability scanners, is an integral part of an integrated approach and serves as additional protection. These tools are used as auxiliary tools in a bundle of audit tests. Remember - WAF prevents only a part of targeted attacks on already defined and known signatures and patterns, business logic vulnerabilities are outside the firewall use zone.
During testing of some projects, it is possible to find out the real ip address of the application, then the WAF becomes absolutely useless, since all attacks go around it, and not through it, as was originally intended. Vulnerability scanners make it easier for the auditor to collect information about the need for service updates during testing/Software, detection of unsafe configurations, open ports and analysis of surface vulnerabilities, but they are not a panacea in any way and, as tests show, do not provide 100% detection of all threats.

Staff training

Many attacks on companies are carried out with the help of social engineering. A person still remains the most vulnerable link in the security chain. An attacker can easily ask to check the "problems" in his personal account, where malicious code is already placed, with which you can easily steal a support employee's session and get privileges in the system.

Or, posing as an employee of the IT department of the same company, take advantage of the employee's trust and inattention, referring to problems with his computer, ask for data to access the system.

That applies to large companies where employees from some departments do not know the face of specialists from the IT department, so such a call and request will not cause any suspicion. The use of password policies and regulations, even for ordinary personnel, is the most important rule for ensuring security within the company.

Trust support only to experienced specialists. Send your programmers to courses on web application protection.
Summing up and thinking about the most effective method of protecting your projects, remember that security is a process, not a one-time event. Do not forget about the banal software update and the use of safe programming methods.

Use only an integrated approach - technical protection + audit
Update all network services and software to the latest versions to avoid using public exploits. Use the services to check https://www.cvedetails.com and https://www.exploit-db.com and the like
Regularly test with a vulnerability scanner, for instance Acunetix WVS
Disable debugging and tracing in the web site code (to prevent data disclosure)
Disable unused OS functions in environments
Monitor and analyze server log files
Restrict IP access to critical data

Strictly separate testing and development environments to avoid data leakage
Think carefully about the business logic of the application, especially when integrating with payment systems, in order to avoid vulnerabilities with the substitution of withdrawal orders, cryptocurrencies, points, etc.
To protect against OWASP attacks: pass cookies with http-only flags (protection against cookie theft through embedded Java Script code); set the HTTP header X-Frame-Options (protects html page frames from imperceptible connection of other people's frames)+ set the HTTP header X-XSS-Protections (instructs the browser to delete unsafe content with a value of 1, in case of an XSS attack on the web  site)
For basic filtering of all attacks from the TOP 10 OWASP list, it is enough to install an .htaccess filter https://perishablepress.com/6g-beta / (filters user parameters by regular expression)
Correctly configure the iptables network filter (with default DROP policies, for INPUT, FORWARD and OUTPUT chains) to block all unaccounted connections. The policy of the main iptables chains should be forbidding. All services used only for local purposes should be inaccessible from unknown networks.
Install the Fail2ban utility to prevent the selection of passwords for any network services, the number of failed connections with passwords should be limited.