Andy Johnson-Laird, President of Johnson-Laird, Inc., was kind enough to offer advice on three security techniques he recommends to detect and deny hackers, such as those we discussed in last week’s blog post.
- Intrusion Detection Systems identify external probing or port scanning of known IP addresses. He describes it as “the equivalent of lying in bed at night and listening for someone rattling your front door handle. It’s a more or less constant rattling when it comes to port scanning.” See https://en.wikipedia.org/wiki/Intrusion_detection_system.
- Network Address Translation (NAT-ing) prevents the routing of internal IP addresses. Internal IP addresses will be selected from the range of “non-routable” addresses reserved by the Internet Engineering Task Force and the Internet Assigned Numbers Authority. See https://en.wikipedia.org/wiki/Reserved_IP_addresses.
- Internet Protocol Security (IPSec) is an end-to-end security scheme that requires mutual authentication at the beginning of communication and the negotiation of cryptographic keys during the session. See https://en.wikipedia.org/wiki/IPsec.
News Flash, May 12, 2016:
The Department of Justice proposed that the biometric database the FBI has been amassing for eight years should be exempt from privacy laws. If approved, the proposal would free the FBI to save images of faces, handprints, tattoos, iris scans and biographies of people who don’t know of the existence of, let alone the content of, their files. The largely unvetted findings of investigations other federal agencies conducted on job applicants will also be included in the database. In a nutshell, anyone could be detrimentally affected based on inaccurate information and never know it.