Ask the Expert

Protecting a server from users

How can I protect my critical servers from internal users? They can simply use the IP address of the server to bring it down.



Most internal private networks should be considered hostile even though they are supposed to be protected. This is why any policy protecting the network at the perimeter should also be used internally. A computer network should not be like an M&M -- hard on the outside and soft on the inside. Instead, all policy outside and inside should be the same.

Servers should be protected with a proper infosec policy, auditing, and management. Host IDS should be used at ALL critical servers -- even on the inside. If you follow these rules and harden ALL your devices no matter the location, then you will be protected. If you feel you have a threat internally, I suggest using IDS Network and Host, both on the external (or extranet) and Internet networks. Enable advanced logging and AUDIT those logs. Additionally, have your management buy into a policy that dictates the termination of people who attempt to hack or crash your internal systems. Most companies have a policy that says only infosec can run scanners and other hacker/cracker software.

Create the policy and post it. That should cure most of your issues. Place logging devices (IDS), and enable logging on your servers.

Finally, as stated, always assume your networks are hostile, even the inside systems and hosts/users.
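
One way to carry out the "enable logging and audit those logs" step, added here as an example that is not part of the original answer: a Python pass over firewall log lines that reports internal sources probing or flooding a critical server. The server address, both thresholds and the sample lines are assumptions constructed for the illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Assumptions for this example: the server address and both thresholds.
CRITICAL_SERVERS = {"10.0.5.10"}
MAX_DISTINCT_PORTS = 5   # more distinct ports than this from one source: probe
MAX_ATTEMPTS = 20        # more logged attempts than this from one source: flood

FIELD = re.compile(r"\b(SRC|DST|DPT)=(\S+)")

def audit(lines):
    """Map each internal source to its findings against critical servers."""
    ports, attempts = defaultdict(set), defaultdict(int)
    for line in lines:
        f = dict(FIELD.findall(line))
        if not {"SRC", "DST", "DPT"} <= f.keys():
            continue                      # truncated or unrelated line
        if f["DST"] not in CRITICAL_SERVERS:
            continue
        try:
            internal = ipaddress.ip_address(f["SRC"]).is_private
        except ValueError:
            continue                      # unparsable source address
        if internal:                      # the inside is audited like the outside
            ports[f["SRC"]].add(f["DPT"])
            attempts[f["SRC"]] += 1
    findings = {}
    for src, count in attempts.items():
        notes = []
        if len(ports[src]) > MAX_DISTINCT_PORTS:
            notes.append(f"probe: {len(ports[src])} distinct ports")
        if count > MAX_ATTEMPTS:
            notes.append(f"flood: {count} attempts")
        if notes:
            findings[src] = notes
    return findings

def sample_log():
    """Constructed lines in the style of Linux netfilter LOG output."""
    row = "Feb 12 10:00:00 fw kernel: IN=eth1 SRC={} DST=10.0.5.10 PROTO=TCP SPT=40000 DPT={}"
    lines = [row.format("10.0.8.44", p) for p in (21, 22, 23, 25, 80, 110, 443)]
    lines += [row.format("10.0.8.91", 80)] * 30
    lines += [row.format("10.0.8.12", 443)] * 3
    lines.append("Feb 12 10:00:01 fw kernel: IN=eth1 SRC=10.0.8.12 DST=")  # truncated
    return lines

if __name__ == "__main__":
    for src, notes in sorted(audit(sample_log()).items()):
        print(src, "; ".join(notes))
```

Thresholds like these need tuning against the server's normal traffic before the findings are used to open an investigation.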




This was first published in February 2002
