It is important to first think of what exactly you are
trying to protect, how you can make processes better, not
worse and not perfect. Secondly, think of the technology that
is going to help you accomplish that. Employ the tools that
are needed and are necessary, rather than overloading your
system with tools you think you might need.
- Define user rights
practices defined by Cert.org
- Block unused USB ports
- Eight tips
for wireless security
- Try password
- Request for Comments (RFCs)
- Secure critical areas
- Lock inactive computers
- Keep administrative rights to the minimum
rights to tasks
Ensure that your users have the appropriate rights
to carry out their tasks.
This way there is more control on who does what. You can assign
to either group accounts or to individual user accounts. Those
rights vary from logging
on to a system to backing up files. It is wise to apply group
rights to simplify administration tasks. By this way, when
a user is added to a group he/she automatically inherits the
rights associated with that group.
practices defined by Cert.org
System administration practices play a key role in network
security. Checklists and general advice on good security practices
are readily available. Below are examples of commonly recommended
Ensure all accounts have a password and that the passwords
are difficult to guess.
A one-time password system is preferable.
Use tools such as MD5 checksums (8), a strong cryptographic
technique, to ensure
the integrity of system software on a regular basis.
Use secure programming techniques when writing software. These
can be found
at security-related sites on the World Wide Web.
Be vigilant in network use and configuration, making changes
as vulnerabilities become known.
Regularly check with vendors for the latest available fixes
and keep systems current
with upgrades and patches.
Regularly check on-line security archives, such as those maintained
by incident response teams, for security alerts and technical
Audit systems and networks, and regularly check logs. Many
sites that suffer computer security incidents report that
insufficient audit data is collected, so detecting and tracing
an intrusion is difficult.
Block unused USB
USB ports can allow devices to autorun programs as soon as
they are mounted
on the computer. They could contain malware that could infect
To prevent this from happening it is wise to have a policy
around USB usage or disable unused USB ports.
Conflicker Summary and Review
tips for wireless security
- Change default passwords
With your superuser account access you can change the default
and user passwords. It is important that you do that as
soon as you install the wireless network to improve the
security. The default passwords for many popular wirells
network providers are well known by hackers. Keep changing
your passwords every so often to maintain network security.
- Wireless Encryption Protocol (WAP)
WEP should be turned on and make sure that you have the
latest patch or system upgrade for your wireless router.
It does not keep hackers away but at least it makes it a
little more difficult to crack into your network.
- Do not mix vendors
t is wise to stick to one venor for your hardware and software
r than mixing various vendor products that do not work in
harmony and you
need to do extra work to follow updates and fixes.
- Build an intrusion detection system
Be prepared to monitor your network traffic so that you
can detect suspicious movements. With the right settings
you can use it to prevent intrusions from taking place.
- Educate your users
There are a great number of security incidents that take
place out of carelessness and ignorance from the point of
the user. Make sure you educate your users,
have a security policy implemented to minimize risks.
- Devide wireless and wired networks
Divide your wireless and wired networks into separate segments
a firewall in between to prevent anyone who has gained unauthorised
to your wired network to get into your wireless network
- Arrange your access points
Arrange your access points to cover only the area that you
want it to cover.
A wireless signal that exceeds the desired area can be exploited
to access your network from the outside. There are some
access points that reduce their signal strength when they
are out of boundaries to minimise the risk involved.
- Turn off DHCP
It is easier for attackers to obtain an IP address from
your DHCP server once you have it enabled. By turning it
off, you can set a fixed IP address range and configure
each device to connect to them. You can also use a private
IP address range
for more security.
It can be ironic, but password cracking progammes
can help administrators check
the weekness of passwords within a network by breaking into
There are a number of those tools, some for free. For instance
is a payed one. These should be handled with care.
Request for Comments
Request For Comments (RFC) are a series of documents encompassing
new research and innovations in internet technologies. The
Internet Engineering Task Force (IETF) adopts some of those
documents as proposals to become interent standards.
Here you can find some of those RFCs that are related to
- RFC 3227 Guidelines for Evidence Collection and Archiving.
- RFC 2142 Mailbox Names for Common Services, Roles and
- RFC 2350 Expectations for Computer Security Incident Response.
- RFC 2196 Site Security Handbook. Read
- RFC 3013 Recommended Internet Service Provider Security
Services and Procedures. Read
- RFC 4949 Internet Security Glossary. Read
Secure critical areas
Data security is almost useless if someone can easily walk
away with the device where the data resides and have all the
time in the world to try and access the data on the device.
It is wise to have locked server rooms, locking desktops and
laptops to the desk, and in general securing physical IT assets
maybe with some access control implementation.
Lock inactive computers
When users walk away from their computers they are vulnerable
as anyone can walk up and access all the information on that
user's computer. There should be a policy that computers should
be set to lock themselves after the shortest period of inactivity
or users should lock their computers themselves whenever they
leave their desk.
administrative rights to the minimum
Many companies grant administrative rights to their users
so they are free to install applications themselves. User-installed
software can create security problems as well as copyright
issues. Administrators should not rely on any user to do any