Network Services & Security Briefing

Network Services Survey

  • Backup & replication of data
  • Chat, conferences & meetings
  • Database sharing & administration
  • Distributing computational load
  • Email & attachments
  • File sharing & transfer
  • Virtual Private Networks
  • ip Telephony - free phone service!
  • Internet infrastructure services
  • Printer sharing & control
  • Remote system administration
  • Running applications from servers
  • Scheduling & coordination groupware
  • Streaming music & video
  • Web servers & browsers
 

Security Vulnerabilities

  • Worms & viruses
  • Buffer overruns
  • Services with high system privileges
  • Open mail relays
  • Unencrypted login name & password
  • Unencrypted data
  • Weak encryption
  • Identity theft
  • Trojan horses & back doors
  • Incorrect installation & maintenance
  • Subtle flaws in network protocols
  • Dictionary attacks
  • Header & IP spoofing
  • Denial of Service Attacks
  • Portable computers & media
  • Email attachments & file transfers
  • Under trained administrators
  • Disgruntled employees
  • Spam
 

Effective Security Practices

  • Stateful ghost firewalls
  • Chroot jails
  • Logging
  • Automated secure upgrades
  • Backup & replication
  • Virtual servers
  • Shadow password files
  • Readonly filesystems
  • Intrusion detection tools: Tripwire, Snort, etc.
  • Honeypots & honeynets
  • Partitioned networks
  • Dummy accounts for services
  • Virtual Private Networks
  • Strong cryptography - ssh2, SSL, pgp, etc.
  • Security audits & simulated attack tools
  • Open Source software
  • Good employee training & morale
  • Smart email filtering