Assignment 5‐1 Availability and Redundancy Security Reflection - benjigifford/SEC-440 GitHub Wiki

Issue 1

• Problem 1: Devices from the WAN network can SSH into OPT devices. This poses a risk of not only my classmates pulling pranks on me, but also a security flaw since anyone on the internet can access my web servers.

• Solution 1: Disable ssh connections from WAN network to the OPT Network. This can be done via firewall configs.

Issue 2

• Problem 2: There could be an insecure http connection since my web servers are listening on port 80.

• Solution 2: Change these to port 443. Doing so will change the protocol from HTTP to HTTPS, which encrypts any data traversing that connection.

Issue 3

• Problem 3: Internal traffic on the LAN network is not encrypted, which poses a security risk.

• Solution 3: Add services to encrypt locally routed data to mitigate unencrypted data on network.