What is your digital fingerprint online really? If you think about it, it’s the auditing controls in place on each of the servers your web browser connects to. In some cases the server may only cache the information while you’re using the web application and then disregards it once the connection is gone. These audit controls or server audit logs, record as much information as they can about your session once connected. The information the server gathers varies depending on what audit controls, if any are turned on.
I’m paranoid, so let’s assume that every server in the world has some sort of audit controls turned on. We would then know for sure that every server or device in the world will be recording at least your public IP address into the event logs.
- Mask your public IP address, which can easily be done with the use of a VPN or Proxy.
- Would recommend the Tor Browser which is a free product.
- Perform all actions through the web browser.
- You need your web traffic to look normal and not raise any alarms. This will help blend in with everyone else on the internet.
- Common web visitor mistakes are often ignored and seen as normal traffic.
- Examples; Web URL typos, broken web links, wrong button clicks, 1 or 2 mistyped passwords.
- Each malicious action performed, should be done from another website connecting to the target website.
- This will help mask your public IP address in the event logs and all the actions you perform will come from multiple websites with different IP addresses and Geo locations. You don’t want all of your link clicks, wrong button clicks, and URL typos to all come from the same public IP address. These actions will make it more difficult for a security system to find a pattern or algorithm for the actions.
- You will need to be patient and to not perform the actions too quickly.
- Performing the actions too quickly may set off alarms or the traffic may get picked up as a bot or software program performing the actions.
This may seem like a lot of work just to cover your tracks when visiting a website. Within the coming weeks, we will describe in a series of articles, how these actions come to play a part either to gather information on a target website or to perform an attack on a website.
Audit logs are a very critical part of security. Without audit logs, company’s would not know anything about the good or bad visitors to their website or web application. Auditing and monitoring event logs is a huge expense with no payoff to the production of a company’s profits. Whenever you see a data breach or privacy breach with the word “potential”, then most likely the company either didn’t have any audit controls in place or not enough audit controls in place.
Falcon Network Services offers a Managed SIEM service that is competitive in pricing and could take care of all your audit log needs. The service comes with different levels to fit any company’s requirements. Help protect your company’s infrastructure today, visit https://fns1.com or email email@example.com
OUR SECURITY SERVICES INCLUDE:
- Risk Assessments
- Penetration Testing
- Web Application Testing
- Security Awareness Training
- Managed SIEM
- Managed Security Services (MSSP)
- Security Consulting