Skip to main content

How can I do a basic check of my internet security at my home or office?

I worry about internet security for my home office or business what do I do?

This isn't meant to be an all inclusive guide to perimeter or firewall security, but if you worry about the security of your home, home office, or small business internet. Here's a great tip to use your cellphone as an infosec tool to assess the security of your perimeter. So let's dive right in:

  1. From a computer on the network you'd like to test go to whatismyip.com 
  2. Take note of the IPV4 address, this what we call your real world IP address we're going to need it in the next step.
  3. Download Fing from the android or iOS app store. 
  4. Open Fing Click Tools at the bottom then click "Find open ports" Input the IP you got from step 2. 



  5. Before you click scan make sure to turn the Wi-Fi off on your device, you want to simulate an external scan of your network, and your cellphone disconnected from Wi-Fi does a good enough job of representing that for a quick and dirty test like this. 
  6. The results will identify different ports and services, sometimes with a short description or explanation of what the service related to the part does. Here are just a few to watch out for especially if you don't have a reason for these services to be available outside of your home or office but if you do I would maybe reconsider using a VPN to access these services:
    1. 80, 8080, 443: Usually used for web based control panels for routers and other networking and inter-faceless equipment. 
    2. 3389, 5900: Remote desktop ports for Windows and VNC (Mac/Linux/Windows)
    3. 137, 138, 139, 445: These ports are found in Windows Networking and File Sharing
    4. 548: Apple Filesharing Protocol 
    5. 22: SSH used to remote manage and control computers. 
    6. If you find a port that I didn't list google: what does x port do? to find your answer.
  7. Careful I just taught you how to port scan so now you have to promise to only do it to things you own or you could get in serious trouble. 
Labels:

Comments

Post a Comment

Popular posts from this blog

Why traditional Pen Testing is dead.

Annual, bi-annual, and quarterly penetration testing schedules will be a thing of the past.  The advent of sophisticated cyber threats has necessitated a paradigm shift in vulnerability management. In this transformative digital era, the static, once-a-year model of traditional penetration testing is becoming increasingly obsolete. Instead, it's time for businesses to embrace a dynamic model of continual vulnerability detection and mitigation - Penetration Testing as a Service (PTaaS) by Xcape, Inc. This innovative service combines the precision of automated remote pen testing with the strategic oversight of seasoned penetration testers, creating a comprehensive solution for the latest cybersecurity concerns. The Case for Internal and External Network Testing In a conventional cybersecurity setup, the focus is often on safeguarding the external network, the so-called perimeter. However, this perimeter-centric approach, while essential, is not sufficient in today's threat land...
1 comment
Read more

Revolutionizing Security: Embracing PTaaS for Agile Risk Management and Maturing Security Programs

Organizations face constant threats to their information systems and data in today's rapidly evolving digital landscape. Traditional quarterly pen testing, although valuable, may no longer be sufficient to safeguard against emerging vulnerabilities adequately. This article explores the concept of Pen Testing as a Service (PTaaS) imagined by the team at Xcape, Inc. , and its potential to revolutionize how organizations manage risk and strengthen their security programs. PTaaS offers a proactive and continuous approach to vulnerability management and risk mitigation by establishing a collaborative relationship between information security teams and IT leads. The Limitations of Traditional Quarterly Pen Testing: Traditional quarterly pen testing has been a staple in organizations' security strategies, providing valuable insights into vulnerabilities and weaknesses. However, the rapidly changing threat landscape and evolving attack vectors render this periodic approach inadequate....
1 comment
Read more

How can managed IT services benefit my business?

How a great MSP can make running your business, seem effortless. In today's digital era, businesses rely heavily on technology to streamline operations, enhance productivity, and stay competitive. However, managing complex IT systems and infrastructure can be challenging and time-consuming for organizations, especially those lacking in-house IT expertise. This is where Managed IT Services Providers (MSPs)  like Xcape, Inc. , come into play. In this article, we will explore how partnering with an MSP in Los Angeles, CA, can benefit your business and propel it to new heights of success. Proactive IT Support and Maintenance: One of the primary advantages of Managed IT Services is the provision of proactive support and maintenance for your business's IT infrastructure. Rather than waiting for issues to arise, MSPs monitor your systems 24/7, identify potential problems, and resolve them before they impact your operations. This proactive approach ensures maximum uptime and minimizes...
Post a Comment
Read more