3 ways to make your Windows network harder to attack

Start the new year right by checking these three areas for potential vulnerabilities in your Windows network. Don't make it easy for attackers.

Microsoft Windows  >  Defending against attacks
IDG / Microsoft

As you start the new year, it’s a good time to think about what you can do to keep your network and organization from being low hanging fruit for attackers. Taking these steps won’t make you immune to attacks, but it might encourage attackers to go after someone else.

1. How you get in, they get in: Protect remote access and management access

The MITRE ATT&CK framework lists the ways and ports typically used for management access to servers and workstations. Attackers know these access methods as well and target the ways you enter your network. For example, if you use any of the following ports and expose them to the internet, add closing, blocking or enabling two-factor authentication (2FA) on them to your to-do list for 2020.

  • SSH (22/TCP)
  • Telnet (23/TCP)
  • FTP (21/TCP)
  • NetBIOS / SMB / Samba (139/TCP & 445/TCP)
  • LDAP (389/TCP)
  • Kerberos (88/TCP)
  • RDP / Terminal Services (3389/TCP)
  • HTTP/HTTP Management Services (80/TCP & 443/TCP)
  • MSSQL (1433/TCP)
  • Oracle (1521/TCP)
  • MySQL (3306/TCP)
  • VNC (5900/TCP)

To continue reading this article register now

22 cybersecurity myths organizations need to stop believing in 2022