Four simple security tips
By Robert Bagnall
Concentrating your efforts on simple security helps keep the intruders out and your budgets intact. We all have budget issues, and there is never enough money to get it all done right.
So what to do? Try eliminating the easy things first, things you might otherwise overlook. For example, let's assume you have a well-secured server closet in your organization. All your security systems are inside -- firewall, IDS, authentication server. Now imagine that you boot these systems from the hard drive.
Tip #1:
Try this instead: Make a bootable CD with only what you want for a configuration and boot
your perimeter and security systems from CD-ROM. This way, you eliminate the ability of an intruder
to write to the system files on the hard drive. This stops both the external and the internal threat
to system reboots, and it means that anyone who wants to alter this state must do so at the server
closet -- which is much more easily monitored.
Tip #2:
Easing the pain of Web hacks: Try configuring a CD-ROM with an exact copy of the
configuration you want for your Web site. Then write a script to refresh the site at specific
intervals using the configuration from the disk. In one organization I observed, they refreshed the
Web site every 15 minutes. While slowing the site a bit during the day, this policy ensured that
even if the site was compromised,
Tip #3:
Cheap, effective security paging: Most of us own cell phones now, particularly the systems
and security administrators, because we get pulled from sleep the most for network issues. Many of
us come from the old environment too, where pagers and cell phones were carried. With the
introduction of Web-capable phones, however, text paging via cell phone is a very simple process
and means that pagers no longer have to be purchased or carried. In one of our customers' security
departments, we instituted the cell phone paging process with a template that populates a
pre-formatted message via a Visual Basic program. This lets the receiver know if the issue is
critical or FYI with a single glance at his/her phone. Creative security admins, particularly those
in smaller organizations with tighter budgets, could even use the VB program to autopopulate
messages from the IDS system so that a human would not even need to be involved in the paging
process.
Tip #4:
Behavior-based malware defense: Tired of having to manage the antivirus efforts across tons
of hosts and servers? Are you most often protecting these systems from the users who sit at them?
Behavior-based malware defense is your answer. Try supplementing your current signature-file
defense with a product such as "Achilles Shield," by InDefense. This perimeter-centered tool stops UNKNOWN code,
based upon unacceptable behavior parameters. Yet it is flexible enough to allow you to certify
home-grown macros and other code you might use within your enterprise. This is particularly
critical as the growth of agent-based and scripting technologies takes more of the tedium from our
administration efforts. The product resides on the user's desktop and, since it is behavior-based,
does not require frequent updating like the signature-file products. Thus, the management overhead
nightmare is greatly reduced as well. I discovered this product during the Melissa virus outbreak
and mine was the only system in the organization I was at during the Love Bug outbreak that could
continue to operate uninhibited on the network. It's worth its weight in gold, and is very
affordable both for consumers and enterprises.
These tips are alive and well in the real world and I hope they help you manage your network defenses more smartly and cost-effectively. Configurations via CD-ROM require frequent updates, to be sure, but the pain of $1 per CD every month or couple of weeks is much more cost effective than dragging systems administrators out of bed at 4 o'clock in the morning to put a Web site back up!
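The refresh described in Tip #2, as an added example that is not from the original article: a shell function that restores the live web root from the read-only master copy, logs what had changed before the restore, and refuses to run when the master is missing or empty. The function name, paths and log format are assumptions.

```shell
#!/bin/sh
# Added example: restore a web root from a read-only master copy and
# record what had drifted. Names, paths and log format are assumptions.

# refresh_site MASTER LIVE LOG   (LIVE without a trailing slash)
# Prints the number of paths that differed before the restore.
# Returns 2 and leaves LIVE untouched if MASTER is missing or empty
# (for example the CD is not mounted); copying from an empty mount
# point would otherwise wipe the site.
refresh_site() {
    master=$1; live=$2; log=$3
    ts=$(date -u +%Y-%m-%dT%H:%M:%SZ)
    if [ ! -d "$master" ] || [ -z "$(ls -A "$master" 2>/dev/null)" ]; then
        echo "$ts ERROR master $master missing or empty" >>"$log"
        return 2
    fi
    mkdir -p "$live"
    # Log drift first: modified, added and deleted files are the evidence
    # that something changed the site since the last refresh.
    drift=$(diff -rq "$master" "$live" 2>/dev/null || true)
    count=0
    if [ -n "$drift" ]; then
        count=$(printf '%s\n' "$drift" | wc -l | tr -d ' ')
        printf '%s\n' "$drift" | sed "s/^/$ts DRIFT /" >>"$log"
    fi
    # Build the fresh copy beside the live tree and swap it in, so files
    # that are not on the master are removed, not merely left in place.
    new="$live.new.$$"; old="$live.old.$$"
    rm -rf "$new" "$old"
    mkdir "$new"
    cp -R "$master/." "$new/"
    mv "$live" "$old"
    mv "$new" "$live"
    rm -rf "$old"
    echo "$count"
}

# Stand-alone use with constructed paths, e.g. from cron every 15 minutes:
#   refresh_site /mnt/cdrom/site /var/www/html /var/log/site-refresh.log
```

A non-zero count in the log means the live site changed between refreshes, which is worth alerting on rather than silently overwriting.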
We all face too many problems with too few people and resources. Defending computers smartly by putting the technology at hand to work for us, in simple and effective ways, is the only way we can stay on top of things as the management pain of our enterprises increases.
Related book
Information Security Management & Small Systems Security
Author : Jan H.P. Eloff, Les Labuschagne, Rossouw von Solms, Jan Verschuren
Publisher : Kluwer Academic Publishing
ISBN/CODE : 0792386264
Cover Type : Hard Cover
Pages : 256
Published : Sept. 1999
Summary:
This book presents a state-of-the-art review of current perspectives in information security
management and small systems security, focusing on technical and functional as well as managerial
issues. It contains the selected proceedings of the Seventh Annual Working Conference on
Information Security Management and Small Systems Security, sponsored by the International
Federation for Information Processing (IFIP) and held in Amsterdam, The Netherlands, in Sept./Oct.
1999.
This was first published in May 2001