at a critical part of network security is known as device hardening to in order to maintain in the integrity of a network, you need to maintain the integrity of the devices on the network and everything that attaches to the network.
So there's a couple really good device hardening techniques
that are important to keep in mind. Now these apply to more than just computers. These applied mawr, too.
Routers, switches, bridges, connections and things like that. So the first is changed. Default credentials. Most routers and switches in hardware appliances like this usually have some type of default credential. Whether be admin. Admin, admin. 12345
Admin move. No password. Something like that.
And it's very if they come that way. So when they're getting set up for the first time, the person who is setting it up can log into the device. And then from there, they can set it up according to how the network is laid out.
Now it's very easy to acquire these default credentials.
All they do. All you need to do is go on the online and Google or look in. You know the user's manual for that particular device. It's not difficult to Google. You know, Cisco, Cisco default. No credentials for you know, whatever model rather you have. And then from there you can get them and you can try them, and
that's why you need to change them immediately.
You definitely need to keep devices up to date that are on the network. If there is a security patch available, patch it. If you need to update firmware somehow update, update the firmware. You want to make sure that the devices stay up to date and are healthy devices as much as possible. You don't want out of date systems.
You want to use secure protocols, sometimes in order if there's a switch or a Ratter that can be hard to access. You can access it remotely, but you want to make sure you can access it properly and safely. You don't want to use programs like Telnet, which are insecure,
and send credit credentials in plain text over the network. Know you want to use
S s each where it creates a tunnel and everything is encrypted. You want to disable unnecessary services as well.
Most in time services running on these network devices. They're handy there. They they could be helpful, but a lot of times they're not really necessary. You want to restrict these unnecessary services and only have the bare bones things running, cause that makes the job harder. Four Attackers. The less things that are running,
the better off you war, and it's the last thing is you have to worry about.
And finally, you want to disable unused ports as well. If it's not being used, then just completely disabled so no one else can use it, either. This applies to firewalls. This applies to
Browder's and switches as well.
In today's video, we discussed network based protection components,
all of the following our network device hardening techniques except a disabling, unnecessary ports
be changed. Default credentials. See you secure protocols or D using patch management for updating devices.
If you said D, then you are correct. Patch management and of itself is not a device hardening technique, but it should be used when updating devices and applying security patches. I hope you guys learned a lot in this lesson, and I'll see you next time