08-16-2022 11:25 PM
Hi Team,
Could you please help me understand which types of attacks we should block on the firewall? One example is a DDoS attack.
08-16-2022 11:42 PM
Read each IOC carefully and block accordingly.
08-17-2022 12:05 AM
That is a very VERY general question. The answer would depend on what you are exposing to the internet and what types of devices are on your network (Mac, Windows, Linux, switches, firewalls, wireless, servers, other VMs, etc.).
I suppose the most common attacks are DDoS, ransomware, and phishing, as these are quite easy to execute.
Ransomware and phishing are best mitigated by holding security best practice courses for all your employees so they don't click on links in emails thinking they have won a lottery that they never actually entered.
DDoS can be a little more difficult to mitigate as there are a few different attack types here. But for the most part these can be stopped using IPS and/or a strict firewall configuration policy.
You should also consider subscribing to news feeds from the likes of Talos and NIST (there are a lot of others that slip my mind at this moment).