Rapid Vulnerability Assessment Report


White Paper

Table of Contents

Executive Summary
  Characteristics of the Associated Business Corporation Network
  Recommendations for Improving Security
  Characteristics of a Secure Network
Internet Security Assessment
  Overview
  Methodology
  Internet Probing
Dial Access Security Assessment
  Overview
  Methodology
Internal Security Assessment
  Overview
  Methodology
Recommendations

CDWG.com

Executive Summary

Advanced Technology Services performed a Rapid Vulnerability Assessment for Associated Business Corporation (ABC) on February 15, The assessment was performed over the Internet, through the public switched telephone network, and during an onsite visit to ABC. This document is a summary of the findings, and is intended to:

- Give an overview of ABC's security posture relative to that of other networks
- Summarize some of the technical issues raised during the audit
- Highlight the major findings of the assessment
- Recommend corrective action for remediation of the vulnerabilities found

This section provides a summary of the assessment results. First, the characteristics of ABC's network are examined and compared to industry standards for secure networks. Next, a summary of our findings is presented in three categories, detailing the specific traits by which the Network Security Engineers (NSEs) made their evaluations. Finally, general recommendations are made for improving the security of the Associated Business Corporation network.

Characteristics of the Associated Business Corporation Network

Table 1: Security Rating for the Associated Business Corporation Network

| Location | Security Rating |
| From the Internet | Insecure |
| From the PSTN | Moderately secure |
| From the internal LAN | Insecure |

Strong Security Points

During the course of the audit, the NSEs were impressed with certain aspects of the Associated Business Corporation network:

- Account lockout after failed login attempts was set at a highly secure setting. NSEs had difficulties with accounts that locked out and remained locked out. Account lockout prevented the NSEs from using brute force login techniques for fear of causing a Denial of Service (DoS) to Associated Business Corporation. However, intruders to the Associated Business Corporation network would not be as polite as NSEs.

Recommendations for Improving Security

The security of the Associated Business Corporation network will be further improved by implementing the following recommendations:

- Improve firewall packet filter restrictions to restrict access to services.
- Patch Microsoft IIS servers to the proper level or disable external access.
- Follow Microsoft's published IIS configuration checklists to reduce the threat of typical web exploit techniques, and closely monitor IIS web logs for typical signs of compromise.
- Disable remote access to pcAnywhere unless it is absolutely required, and even then consider allowing it only over a VPN. pcAnywhere is a dangerous service to run exposed to the Internet.

Characteristics of a Secure Network

Advanced Technology Services has analyzed, designed, implemented and performed troubleshooting on secure networks for a wide variety of clients, including national and international corporations and government agencies. Drawing on their assessment and engineering experience, the NSEs have developed a classification scheme for rating the security of corporate networks. These ratings are based on compiled observations from the many audits the NSEs have done, not on any one network or class of networks.

Fundamentally, it is fruitless to appraise the security of one network in comparison to that of another: no two corporations have the same needs, goals, operational constraints or policies. Moreover, the goal of an assessment is not to pass judgment on the state of a customer's network, but rather to identify ways in which security can be improved. Nonetheless, in the course of their assessment work, the NSEs have developed a list of what they consider to be the key aspects of a network security program. As part of every audit, the NSEs evaluate the degree to which the customer's network is aligned with what they consider to be best practices in each of these areas.

The NSEs evaluate the security characteristics of the audited network and compare them to the baseline characteristics in Table 2, below. The network is assigned a rating in each category: highly secure, moderately secure or insecure. Taken together, these factors summarize the overall security of the assessed network. The ratings are subjective, to a certain degree, because there is no universally accepted standard for network security. At the same time, the ratings are based on real-life experience: the NSEs have found that those networks which exhibit the traits marked as highly secure are indeed less susceptible to intrusion. Table 2 lists these characteristics and explains the criteria for determining the security level of each.

Table 2: Network Security Characteristics of Associated Business Corporation*

| Network Security Characteristic | Highly secure networks have | Moderately secure networks have | Insecure networks have |
| Password Protection | Token-based authentication | Strong password enforcement | No password policy or unenforced password policy |
| Intrusion Detection | Network and host intrusion detection | Periodic review of logs | No intrusion detection |
| Security Staff | Dedicated security staff | Trained administrators | No security staff |
| Firewall | Strong firewall configuration, regular log reviews | Firewall on perimeter | No firewall |
| Dial-in Access for Users | Single point of access with one-time token authentication | One or more points of access with single authentication method | Multiple points of access with differing authentication methods |

*Gold shading and bolding indicates characteristics exhibited by Associated Business Corporation

Internet Security Assessment

Overview

The first step in assessing the security of a network is to identify the various points of access to it. Before mounting a concerted attack, a hostile entity needs to know the following:

- The number of target hosts exposed to potential exploits
- The logical location of these hosts, and how to reach them
- The services they offer
- Information about the various platforms involved, the operating systems they are running, and when possible, the versions of the various applications they run

These are the essential ingredients in beginning an invasion. Usually, some of this information is publicly available, and necessarily so. In the course of searching public resources, however, a prospective attacker often uncovers other, more subtle facts, such as:

- Information about trust relationships between these hosts and other entities; i.e., customers, administrators and service providers
- The identities of at least some system administrators
- The sorts of data that might be available on a given system
- Some initial clues as to how security policy is implemented

The goal of the Internet Security Assessment is to produce a rough diagram of the public ABC networks. Once publicly visible networks and nodes are identified, the NSEs proceed to use the vulnerability scanner Nessus to make a more detailed diagnosis. The output of this exercise provides an intruder with a clear idea of what exploits and vulnerabilities are likely to be successful.

Methodology

The NSEs were given three TCP/IP addresses to perform the audit: , , and Starting with those three addresses the NSEs scanned ABC's Internet presence.

Internet Probing

ABC External Network and Host Discovery Summary

The NSEs started with an ICMP ECHO_REQUEST (ping) sweep just to see if they could quickly identify running hosts. This is often blocked by a firewall to prevent rapid reconnaissance of a network. On /29 it appeared that inbound ICMP ECHO_REQUESTs were allowed. The NSEs were able to rapidly map hosts for possible further investigation.

Table 3: Suspected External Network Targets at abc.net

| Domain Name | IP Address | Status |
| Unknown | | Up |
| customer | | Up |
| Unknown | | Up |
| Unknown | | Up |
| client | | Up |
| client | | Up |
| Unknown | | Up |
| Unknown | | Up |
| Unknown | | Up |
| wireless | | Up |
| ns | | Up |
| mail | | Up |
| ftp | | Up |
| www | | Up |
| client | | Up |
| Unknown | | Up |

Table 4 shows the services that are looked for in a rapid assessment scan.

Table 4: Rapid Assessment Service Results

| Port | Protocol | Service Name |
| 21 | tcp | File Transfer Protocol (FTP) |
| 22 | tcp | Secure Shell Protocol (SSH) |
| 23 | tcp | Telnet |
| 25 | tcp | Simple Mail Transfer Protocol (SMTP) |
| 111 | tcp | Remote Procedure Call port, UNIX (portmapper) |
| 110 | tcp | Post Office Protocol (POP) |
| 143 | tcp | IMAP |
| 80 | tcp | HTTP |
| 443 | tcp | HTTPS |
| 389 | tcp | LDAP |
| 139 | tcp | Microsoft Session Services |
| 445 | tcp | Active Directory Services |
| 8000 | tcp | Sometimes used for web servers |
| 8888 | tcp | Sometimes used for web servers |
| 8080 | tcp | Proxy Web Server |
| 5631 | tcp | pcAnywhere |
| 5900 | tcp | VNC remote control |

Port scans for the most common open services were then launched for the entire /29 range.

Individual Host Vulnerability Probes

The NSEs used Nessus, a security vulnerability scanner, to enumerate the vulnerabilities on each host found during the ping sweep.

Dial Access Security Assessment

Overview

One of the most commonly overlooked network vulnerabilities is that of systems which allow dial-up access. Typical devices might include networking infrastructure devices, remote access servers, individual hosts, and other machines (e.g., private telephone exchange systems, call managers, elevators and alarm systems) that require remote administration. This segment of the audit was very limited in scope, and consisted only of identifying vulnerabilities in ABC's dial access pool. The NSEs were provided with the number for this modem pool.

Methodology

The NSEs used an automated modem scanning tool, PhoneSweep, to assess ABC's dial-access network. This tool was unable to identify the exact make of RAS server being employed at ABC. A number of common username/password combinations were tested against this account, but the NSEs were unable to gain any access. The NSEs also attempted to log in with accounts found during other portions of the audit, but again unauthorized access was not allowed.

It is important to note that this was a dial access audit with a very limited scope. It is possible that there may be other machines on the ABC network with dial access. The NSEs suggest that ABC perform a complete dial sweep of all owned phone number ranges to locate any vulnerable machines.

Internal Security Assessment

Overview

Regardless of whether dial access restrictions and perimeter defenses are effective in keeping intruders out, prudent security strategy dictates that one should assume a breach will occur, and be prepared to deal with it when it does. It is also important to remember that data security on the internal network is a real concern: exact statistics may vary, but a significant portion of security violations originate from within the organizations that are compromised. In addition, internal network security is more than just another layer of protection from hackers; it should assist administrators in maintaining control of internal data, prevent accidents, and ensure that stated policies and business practices are followed.

Methodology

On February 19, 2002, the NSEs were in Anyplace, conducting an assessment of ABC's internal network security posture. In the course of this assessment, the NSEs scanned a range of network addresses, attempting to identify running systems. Once this process was complete, the NSEs probed the available services for known security weaknesses.

Recommendations

This section presents detailed recommendations for improving ABC's network security posture, based on information gathered during the assessment. Each entry includes a description of what the NSEs found, the risk posed to ABC if the current configuration is not remedied, and a specific suggestion for improving security. The NSEs have assigned a risk factor and an estimated cost to each recommendation. The recommendations are sorted by risk (high to low) and cost (low to high). This allows ABC to make well-informed and financially wise decisions about the security of its network. This is considered to be the core value provided by the security assessment.

High Exposure

pcAnywhere Service Running on Critical Systems and Accessible to Internet

Internet. Priority: High. Cost to Fix: Low.

pcAnywhere is a remote control desktop access program that allows complete shared control of a Windows desktop. Its authentication methods are of moderate complexity when enabled. Leaving an unprotected pcAnywhere session exposed to the Internet is roughly equivalent to leaving a PC outside the company logged in as Administrator, with access possible from anywhere in the world.

Recommendation: Disable pcAnywhere connections from the Internet. Allow connections only from internal networks. The risk of compromise is too great and the security controls in pcAnywhere are not sufficient for Internet exposure.

Default Install of IIS (and NT Option Pack) Leads to Vulnerabilities

Internal. Priority: High. Cost to Fix: Low.

The default install of IIS includes several sample websites and applications that are intended to be a teaching tool for web development. Many of these samples contain well-known vulnerabilities that either allow unauthorized access to information on the machine or result in Denial of Service conditions on the server. Several web servers in the ABC environment (WIRELESS, FTP, and WIND) contain the msadcs.dll and Unicode vulnerabilities, which allow anonymous users to remotely execute commands as the system process.

Recommendation: Review Microsoft's Best Practices for securing IIS.
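One way to watch IIS web logs for requests that touch msadcs.dll or use the encoded directory traversal associated with the Unicode issue, as an added example that is not part of the original report. The log lines are constructed samples in W3C extended format, and the rule set and function names are assumptions chosen for illustration:

```python
import re
from urllib.parse import unquote

# Constructed sample in IIS W3C extended log format (not from the assessed network).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 5.0
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2002-02-19 10:01:12 192.0.2.10 GET /default.asp - 200
2002-02-19 10:01:40 192.0.2.77 GET /scripts/..%c0%af../winnt/system32/cmd.exe - 200
2002-02-19 10:02:03 192.0.2.77 POST /msadc/msadcs.dll - 200
2002-02-19 10:02:30 192.0.2.77 GET /scripts/..%255c../winnt/system32/cmd.exe - 404
2002-02-19 10:03:00 192.0.2.15 GET /images/logo.gif - 304
"""

OVERLONG = re.compile(r"%c[01]%[0-9a-f]{2}", re.I)  # C0/C1 lead bytes are never valid UTF-8
DOUBLE_ENC = re.compile(r"%25[0-9a-f]{2}", re.I)    # the "%" sign itself was encoded
TRAVERSAL = re.compile(r"\.\.[/\\]")                # "../" or "..\" after decoding
SHELL = re.compile(r"(cmd|command)\.(exe|com)$", re.I)


def parse_w3c(text):
    """Yield one dict per request, taking column names from the #Fields directive."""
    fields = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))


def fully_decode(value, max_rounds=3):
    """Undo repeated URL encoding so that "%255c" is seen as a backslash."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify(entry):
    """Return the names of the rules that the requested URI matches."""
    stem = entry.get("cs-uri-stem", "")
    hits = []
    if stem.lower().endswith("/msadcs.dll"):
        hits.append("msadcs.dll request")
    if OVERLONG.search(stem):
        hits.append("overlong UTF-8 encoding")
    if DOUBLE_ENC.search(stem):
        hits.append("double URL encoding")
    decoded = fully_decode(stem)
    if TRAVERSAL.search(decoded):
        hits.append("directory traversal")
    if SHELL.search(decoded):
        hits.append("command interpreter requested")
    return hits


def scan(text):
    """Return one alert per suspicious request; "served" marks a 2xx response."""
    alerts = []
    for entry in parse_w3c(text):
        hits = classify(entry)
        if hits:
            alerts.append({
                "client": entry.get("c-ip", "?"),
                "uri": entry.get("cs-uri-stem", ""),
                "served": entry.get("sc-status", "").startswith("2"),
                "rules": hits,
            })
    return alerts


if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        state = "SERVED" if alert["served"] else "rejected"
        print(f'{alert["client"]} {state} {alert["uri"]}: {", ".join(alert["rules"])}')
```

Alerts marked as served deserve attention first, because the server answered the request instead of rejecting it.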

Cisco Devices Allow HTTP Administrative Access

Internal. Priority: High. Cost to Fix: Moderate.

It is possible to gain full remote administrative access on devices using affected releases of IOS. By using a URL of where $NUMBER is an integer between 16 and 99, it is possible for a remote user to gain full administrative access. This problem makes it possible for a remote user to gain full administrative privileges, which may lead to further penetration of the network or result in a denial of service.

Recommendation: Cisco advises disabling the HTTP service on the device or using the Terminal Access Controller Access Control System (TACACS+) or RADIUS for authentication (a).

a. BugTraq Advisory:

Microsoft IIS Servers Running Without Current Patch Level and with Insecure Default Configurations

Internet. Priority: High. Cost to Fix: Moderate.

Several systems not intended to be web servers are running IIS with insecure configurations. Bulk compromise software targets IIS systems on the Internet. Given the ease of compromising these unpatched servers, it is highly dangerous to leave them exposed to the Internet in this state.

Recommendation: Either disable IIS services or install up-to-date patches and follow Microsoft's checklist for IIS deployment. In particular, the disk separation of the WINNT operating system directory from the web directories is vital. Removing sample scripts and correcting insecure permissions on the webroot areas is also vital for Internet-exposed IIS servers.

Moderate Exposure

Cisco Network Devices Allow Login from the Internet

Internet. Priority: Moderate. Cost to Fix: Low.

The Cisco routers used at ABC allow vty access from the Internet. While the passwords were not trivially guessed, this represents unnecessary risk, and the vty login ability should be restricted to internal IS networks. Brute force login efforts could compromise these critical pieces of network gear, cause massive disruption of service and aid in the further penetration of internal resources.

Recommendation: Disable vty access, except from internal network addresses known to be used by network administrators. Additionally, require serial console access only to these devices.

Anonymous Connections Allowed to NT Servers

Internal. Priority: Moderate. Cost to Fix: Low.

User, share and configuration information can be remotely accessed without authentication. All Windows NT servers allowed anonymous sessions to be established to the IPC$ administrative share. This allows the enumeration of users, groups, shares, and important configuration information without the need to provide a user name and password. A list of known users on a platform, including the default administrator account, makes guessing passwords possible. This account does not, by default, lock out after a series of bad password guesses. Knowing the name of this account, coupled with the no-lockout condition, creates a situation where a potential attacker can guess passwords forever.

Recommendation: Make a change to the registry. If the key does not exist, create it with REGEDT32.EXE:

Hive: HKEY_LOCAL_MACHINE
Key: System\CurrentControlSet\Control\LSA
Name: RestrictAnonymous
Type: REG_DWORD
Value: 1

Default Administrator Account Does Not Lockout (Windows NT)

Internal. Priority: Moderate. Cost to Fix: Low.

By default, the Administrator account does not lock out after unsuccessful login attempts. If the default Administrator account name is known (through a null-session enumeration), an unlimited number of password guesses can be made against the account.

Recommendation: Using passprop.exe from the Windows NT Resource Kit, it is possible to make this account conform to the same account lockout policies as the rest of the user accounts. It is strongly advised that this account be set for lockout, and that some administrator accounts be created that can only log into the console of the machine, for the purpose of managing the console and unlocking accounts in the event that all other administrator accounts get locked out by an attacker.

Weak SNMP Community Strings

Internal. Priority: Moderate. Cost to Fix: Low.

If an attacker knows the SNMP community strings, he can gather extensive information about a particular device. If the Write community string is known, a user could even change the configuration of a device. This vulnerability can lead to compromised passwords, denial of service attacks, and reconfiguration of devices to send traffic to an attacker's computer. The SNMP community strings were default (public and private) or were gathered via MIBwalk.

Recommendation: Choose hard-to-guess community strings and, where possible, use access control lists to limit the hosts that can connect to the SNMP services.

Current Versions, Patches, Hotfixes, or Service Packs Not Installed on Several Machines

Internal. Priority: Moderate. Cost to Fix: Moderate.

Several platforms were running software that was not up-to-date. Servers with out-of-date applications and OS revisions are vulnerable to known exploits.

Recommendation: Update to the latest software revision, patch level or service pack. Also, apply any applicable hotfixes and security and stability fixes. An excellent resource is the vendor's website. For example, the Solaris patches and updates can be found at
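The Cisco HTTP administration, vty login and SNMP community string findings above can all be checked from a saved device configuration. The following is an added example, not part of the original report: both configuration excerpts, the host name, the ACL number and the community strings are constructed, and the function names are assumptions.

```python
import re

# Constructed excerpt showing the weak settings described in the findings.
WEAK_CONFIG = """\
hostname edge-rtr
!
ip http server
!
access-list 10 permit 10.1.5.0 0.0.0.255
!
snmp-server community public RO
snmp-server community private RW
snmp-server community n0c-R3ad RO 10
!
line vty 0 4
 login
 transport input telnet
!
end
"""

# Constructed excerpt with the corrected settings.
HARDENED_CONFIG = """\
hostname edge-rtr
!
no ip http server
!
access-list 10 permit 10.1.5.0 0.0.0.255
!
snmp-server community n0c-R3ad RO 10
!
line vty 0 4
 access-class 10 in
 login
 transport input ssh
!
end
"""

DEFAULT_COMMUNITIES = {"public", "private"}
SNMP_RE = re.compile(r"snmp-server community (\S+)(?:\s+(RO|RW))?(?:\s+(\S+))?", re.I)
VTY_RE = re.compile(r"line vty \d+(?: \d+)?")


def parse_blocks(config):
    """Group indented sub-commands under the top-level line that owns them."""
    blocks = []
    for raw in config.splitlines():
        if not raw.strip() or raw.strip() == "!":
            continue
        if raw[0].isspace() and blocks:
            blocks[-1][1].append(raw.strip())
        else:
            blocks.append((raw.strip(), []))
    return blocks


def audit(config):
    """Return (area, detail) findings for HTTP admin, SNMP and vty settings."""
    blocks = parse_blocks(config)
    top = {head for head, _ in blocks}
    findings = []

    # HTTP administration should be off, or authenticated through AAA (TACACS+/RADIUS).
    if "ip http server" in top and "ip http authentication aaa" not in top:
        findings.append(("http", "HTTP server enabled without 'ip http authentication aaa'"))

    for head, body in blocks:
        snmp = SNMP_RE.fullmatch(head)
        if snmp:
            name, acl = snmp.group(1), snmp.group(3)
            mode = (snmp.group(2) or "RO").upper()
            is_default = name.lower() in DEFAULT_COMMUNITIES
            reasons = []
            if is_default:
                reasons.append("default string")
            if acl is None:
                reasons.append("no access list")
            if reasons:
                shown = name if is_default else "<redacted>"  # do not echo real secrets
                findings.append(("snmp", f"community {shown} ({mode}): " + ", ".join(reasons)))

        if VTY_RE.fullmatch(head):
            # Logins should be limited to administrator addresses by an inbound ACL.
            if not any(re.match(r"access-class \S+ in\b", cmd) for cmd in body):
                findings.append(("vty", f"{head}: no inbound access-class"))
            for cmd in body:
                words = cmd.split()
                if words[:2] == ["transport", "input"] and {"telnet", "all"} & set(words[2:]):
                    findings.append(("vty", f"{head}: telnet allowed by transport input"))
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label)
        for area, detail in audit(cfg) or [("ok", "no findings")]:
            print(f"  [{area}] {detail}")
```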

Low Exposure

Firewall Allows ICMP ECHO REQUEST/REPLY

Internet. Priority: Low. Cost to Fix: Low.

Allowing the ICMP (ping) protocol through the firewall greatly increases the speed at which external resources can be discovered. Without ICMP echo request responses, external reconnaissance must spend extra time locating open services and ports, because every nonresponding IP address has to be scanned. More rapid reconnaissance of the network might find vulnerable systems before the activity is noticed.

Recommendation: Disable inbound ICMP echo request and reply.

Default Service Banners Allow Easy Identification of OS, Service Type and Revision Level

Internal. Priority: Low. Cost to Fix: Low.

When accessed from the network, most services respond with a Hello banner. The default banners very often include operating system and software versions and other configuration information. This information quickly allows a potential attacker to determine the best methods to employ when attacking a platform. The banners returned by the SMTP, HTTP, and FTP services on nearly all servers identify the current version of the software running.

Recommendation: Alter the default banners that services offer to obscure OS and software version information.

Telnet Running on Servers Instead of SSH

Internal. Priority: Low. Cost to Fix: Moderate.

The systems in the ABC environment use telnet exclusively, and a telnet session is not encrypted. An attacker sitting on the same wire, or in the same collision domain, can eavesdrop on an active telnet session. The telnet service also has many well-known vulnerabilities that can lead to root-level compromises. SSH (Secure Shell) offers remote console sessions, just as telnet does, but it encrypts all traffic.

Recommendation: Replace the telnet service with SSH, where possible. OpenSSH (www.openssh.com) is one of the most popular SSH servers.


modules 1 & 2. Section: Information Security Effective: December 2005 Standard: Server Security Standard Revised: Policy Ref: SERVER SECURITY STANDARD Security Standards are mandatory security rules applicable to the defined scope with respect to the subject. Overview Scope Purpose Instructions Improperly configured systems,

More information

TECHNICAL WHITE PAPER. Symantec pcanywhere Security Recommendations

TECHNICAL WHITE PAPER. Symantec pcanywhere Security Recommendations TECHNICAL WHITE PAPER Symantec pcanywhere Security Recommendations Technical White Paper Symantec pcanywhere Security Recommendations Introduction... 3 pcanywhere Configuration Recommendations... 4 General

More information

Nessus. A short review of the Nessus computer network vulnerability analysing tool. Authors: Henrik Andersson Johannes Gumbel Martin Andersson

Nessus. A short review of the Nessus computer network vulnerability analysing tool. Authors: Henrik Andersson Johannes Gumbel Martin Andersson Nessus A short review of the Nessus computer network vulnerability analysing tool Authors: Henrik Andersson Johannes Gumbel Martin Andersson Introduction What is a security scanner? A security scanner

More information

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection. A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based

More information

Högskolan i Halmstad Sektionen för Informationsvetenskap, Data- Och Elektroteknik (IDÉ) Ola Lundh. Name (in block letters) :

Högskolan i Halmstad Sektionen för Informationsvetenskap, Data- Och Elektroteknik (IDÉ) Ola Lundh. Name (in block letters) : Högskolan i Halmstad Sektionen för Informationsvetenskap, Data- Och Elektroteknik (IDÉ) Ola Lundh Written Exam in Network Security ANSWERS May 28, 2009. Allowed aid: Writing material. Name (in block letters)

More information

NETWORK PENETRATION TESTING

NETWORK PENETRATION TESTING Tim West Consulting 6807 Wicklow St. Arlington, TX 76002 817-228-3420 Twest@timwestconsulting.com OVERVIEW Tim West Consulting Tim West Consulting is a full service IT security and support firm that specializes

More information

The Trivial Cisco IP Phones Compromise

The Trivial Cisco IP Phones Compromise Security analysis of the implications of deploying Cisco Systems SIP-based IP Phones model 7960 Ofir Arkin Founder The Sys-Security Group ofir@sys-security.com http://www.sys-security.com September 2002

More information

FIREWALLS & CBAC. philip.heimer@hh.se

FIREWALLS & CBAC. philip.heimer@hh.se FIREWALLS & CBAC philip.heimer@hh.se Implementing a Firewall Personal software firewall a software that is installed on a single PC to protect only that PC All-in-one firewall can be a single device that

More information

NETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS

NETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS NETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS Scope and Applicability: These Network and Certificate System Security Requirements (Requirements) apply to all publicly trusted Certification Authorities

More information

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann

More information

86-10-15 The Self-Hack Audit Stephen James Payoff

86-10-15 The Self-Hack Audit Stephen James Payoff 86-10-15 The Self-Hack Audit Stephen James Payoff As organizations continue to link their internal networks to the Internet, system managers and administrators are becoming increasingly aware of the need

More information

74% 96 Action Items. Compliance

74% 96 Action Items. Compliance Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated

More information

CMPT 471 Networking II

CMPT 471 Networking II CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access

More information

Basics of Internet Security

Basics of Internet Security Basics of Internet Security Premraj Jeyaprakash About Technowave, Inc. Technowave is a strategic and technical consulting group focused on bringing processes and technology into line with organizational

More information

Andreas Dittrich, Philipp Reinecke Testing of Network and System Security. example.

Andreas Dittrich, Philipp Reinecke Testing of Network and System Security. example. Testing of Network and System Security 1 Testing of Network and System Security Introduction The term security when applied to computer networks conveys a plethora of meanings, ranging from network security

More information

State of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD005.001. Effective Date: April 7, 2005

State of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD005.001. Effective Date: April 7, 2005 State of New Mexico Statewide Architectural Configuration Requirements Title: Network Security Standard S-STD005.001 Effective Date: April 7, 2005 1. Authority The Department of Information Technology

More information

Considerations In Developing Firewall Selection Criteria. Adeptech Systems, Inc.

Considerations In Developing Firewall Selection Criteria. Adeptech Systems, Inc. Considerations In Developing Firewall Selection Criteria Adeptech Systems, Inc. Table of Contents Introduction... 1 Firewall s Function...1 Firewall Selection Considerations... 1 Firewall Types... 2 Packet

More information

Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard Payment Card Industry (PCI) Data Security Standard Security Scanning Procedures Version 1.1 Release: September 2006 Table of Contents Purpose...1 Introduction...1 Scope of PCI Security Scanning...1 Scanning

More information

TABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY

TABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY IT FIREWALL POLICY TABLE OF CONTENT 1. INTRODUCTION... 3 2. TERMS AND DEFINITION... 3 3. PURPOSE... 5 4. SCOPE... 5 5. POLICY STATEMENT... 5 6. REQUIREMENTS... 5 7. OPERATIONS... 6 8. CONFIGURATION...

More information

Remote Administration

Remote Administration Windows Remote Desktop, page 1 pcanywhere, page 3 VNC, page 7 Windows Remote Desktop Remote Desktop permits users to remotely execute applications on Windows Server 2008 R2 from a range of devices over

More information

Step-by-Step Configuration

Step-by-Step Configuration Step-by-Step Configuration Kerio Technologies C 2001-2003 Kerio Technologies. All Rights Reserved. Printing Date: December 17, 2003 This guide provides detailed description on configuration of the local

More information

Host Hardening. OS Vulnerability test. CERT Report on systems vulnerabilities. (March 21, 2011)

Host Hardening. OS Vulnerability test. CERT Report on systems vulnerabilities. (March 21, 2011) Host Hardening (March 21, 2011) Abdou Illia Spring 2011 CERT Report on systems vulnerabilities Source: CERT Report @ http://www.kb.cert.org/vuls/bymetric 2 OS Vulnerability test Source: http://www.omninerd.com/articles/2006_operating_system_vulnerabilit

More information

Cyber Essentials. Test Specification

Cyber Essentials. Test Specification Cyber Essentials Test Specification Contents Scope of the Audit...2 Assumptions...3 Success Criteria...3 External systems...4 Required tests...4 Test Details...4 Internal systems...7 Tester pre-requisites...8

More information

Top 5 Essential Log Reports

Top 5 Essential Log Reports Top 5 Essential Log Reports Version 1.0 Contributors: Chris Brenton - Independent Security Consultant - chris@chrisbrenton.org Tina Bird, Security Architect, PGP Corporation Marcus J Ranum, CSO, Tenable

More information

Blended Security Assessments

Blended Security Assessments Blended Security Assessments Combining Active, Passive and Host Assessment Techniques October 12, 2009 (Revision 9) Renaud Deraison Director of Research Ron Gula Chief Technology Officer Table of Contents

More information

Network Security Administrator

Network Security Administrator Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze

More information

Executive Summary and Purpose

Executive Summary and Purpose ver,1.0 Hardening and Securing Opengear Devices Copyright Opengear Inc. 2013. All Rights Reserved. Information in this document is subject to change without notice and does not represent a commitment on

More information

Determine if the expectations/goals/strategies of the firewall have been identified and are sound.

Determine if the expectations/goals/strategies of the firewall have been identified and are sound. Firewall Documentation Develop background information about the firewall(s) in place: Segment diagrams Software Hardware Routers Version levels Host names IP addresses Connections Specific policies for

More information

IDS 4.0 Roadshow. Module 1- IDS Technology Overview. 2003, Cisco Systems, Inc. All rights reserved. IDS Roadshow

IDS 4.0 Roadshow. Module 1- IDS Technology Overview. 2003, Cisco Systems, Inc. All rights reserved. IDS Roadshow IDS 4.0 Roadshow Module 1- IDS Technology Overview Agenda Network Security Network Security Policy Management Protocols The Security Wheel IDS Terminology IDS Technology HIDS and NIDS IDS Communication

More information

Security Considerations White Paper for Cisco Smart Storage 1

Security Considerations White Paper for Cisco Smart Storage 1 Security Considerations White Paper for Cisco Smart Storage An open network is like a bank s vault with windows Bill Thomson Network-Attached Storage (NAS) is a relatively simple and inexpensive way to

More information

Network Security: Introduction

Network Security: Introduction Network Security: Introduction 1. Network security models 2. Vulnerabilities, threats and attacks 3. Basic types of attacks 4. Managing network security 1. Network security models Security Security has

More information

Network Security: A Practical Approach. Jan L. Harrington

Network Security: A Practical Approach. Jan L. Harrington Network Security: A Practical Approach Jan L. Harrington ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Morgan Kaufmann is an imprint of

More information

information security and its Describe what drives the need for information security.

information security and its Describe what drives the need for information security. Computer Information Systems (Forensics Classes) Objectives for Course Challenges CIS 200 Intro to Info Security: Includes managerial and Describe information security and its critical role in business.

More information

Remote Access Security

Remote Access Security Glen Doss Towson University Center for Applied Information Technology Remote Access Security I. Introduction Providing remote access to a network over the Internet has added an entirely new dimension to

More information

INTRUSION DETECTION SYSTEMS and Network Security

INTRUSION DETECTION SYSTEMS and Network Security INTRUSION DETECTION SYSTEMS and Network Security Intrusion Detection System IDS A layered network security approach starts with : A well secured system which starts with: Up-to-date application and OS

More information

SANS Top 20 Critical Controls for Effective Cyber Defense

SANS Top 20 Critical Controls for Effective Cyber Defense WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a

More information

Topics in Network Security

Topics in Network Security Topics in Network Security Jem Berkes MASc. ECE, University of Waterloo B.Sc. ECE, University of Manitoba www.berkes.ca February, 2009 Ver. 2 In this presentation Wi-Fi security (802.11) Protecting insecure

More information

Web App Security Audit Services

Web App Security Audit Services locuz.com Professional Services Web App Security Audit Services The unsecured world today Today, over 80% of attacks against a company s network come at the Application Layer not the Network or System

More information

SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG)

SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG) SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG) A RSACCESS WHITE PAPER 1 Microsoft Forefront Unified Access Gateway Overview 2 Safe-T RSAccess Secure Front-end Overview

More information

Network Security Guidelines. e-governance

Network Security Guidelines. e-governance Network Security Guidelines for e-governance Draft DEPARTMENT OF ELECTRONICS AND INFORMATION TECHNOLOGY Ministry of Communication and Information Technology, Government of India. Document Control S/L Type

More information

VPNSCAN: Extending the Audit and Compliance Perimeter. Rob VandenBrink rvandenbrink@metafore.ca

VPNSCAN: Extending the Audit and Compliance Perimeter. Rob VandenBrink rvandenbrink@metafore.ca VPNSCAN: Extending the Audit and Compliance Perimeter Rob VandenBrink rvandenbrink@metafore.ca Business Issue Most clients have a remote access or other governing policy that has one or more common restrictions

More information

HP ProLiant Essentials Vulnerability and Patch Management Pack Server Security Recommendations

HP ProLiant Essentials Vulnerability and Patch Management Pack Server Security Recommendations HP ProLiant Essentials Vulnerability and Patch Management Pack Server Security Recommendations Security Considerations for VPM and HP SIM Servers Introduction... 3 External patch acquisition... 4 Comparing

More information

HIPAA Security: Gap Analysis, Vulnerability Assessments, and Countermeasures

HIPAA Security: Gap Analysis, Vulnerability Assessments, and Countermeasures HIPAA Security: Gap Analysis, Vulnerability Assessments, and Countermeasures Don Hewitt and Chris Goggans March 1, 2001 Copyright 2001 by Security Design International, Inc. 1 Agenda The Proposed Rule

More information

Configure a Microsoft Windows Workstation Internal IP Stateful Firewall

Configure a Microsoft Windows Workstation Internal IP Stateful Firewall 70 Lab #5 Lab #5 Assessment Spreadsheet A Review the default settings for Windows Firewall on your student workstation and indicate your settings below: GENERAL Recommended (Firewall On/Off) Don t Allow

More information

Maruleng Local Municipality

Maruleng Local Municipality Maruleng Local Municipality. 22 November 2011 1 Version Control Version Date Author(s) Details 1.1 23/03/2012 Masilo Modiba New Policy 2 Contents ICT Firewall Policy 1 Version Control.2 1. Introduction.....4

More information

E-commerce Production Firewalls

E-commerce Production Firewalls E-commerce Production Firewalls A Proper Security Design 2006 Philip J. Balsley. This document and all information contained herein is the sole and exclusive property of Philip J. Balsley. All rights reserved.

More information

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak Capture Link Server V1.00

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak Capture Link Server V1.00 Medical Device Security Health Imaging Digital Capture Security Assessment Report for the Kodak Capture Link Server V1.00 Version 1.0 Eastman Kodak Company, Health Imaging Group Page 1 Table of Contents

More information

CS5008: Internet Computing

CS5008: Internet Computing CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is

More information

Penetration Testing. NTS330 Unit 1 Penetration V1.0. February 20, 2011. Juan Ortega. Juan Ortega, juaorteg@uat.edu. 1 Juan Ortega, juaorteg@uat.

Penetration Testing. NTS330 Unit 1 Penetration V1.0. February 20, 2011. Juan Ortega. Juan Ortega, juaorteg@uat.edu. 1 Juan Ortega, juaorteg@uat. 1 Penetration Testing NTS330 Unit 1 Penetration V1.0 February 20, 2011 Juan Ortega Juan Ortega, juaorteg@uat.edu 1 Juan Ortega, juaorteg@uat.edu 2 Document Properties Title Version V1.0 Author Pen-testers

More information

Understanding Security Testing

Understanding Security Testing Understanding Security Testing Choosing between vulnerability assessments and penetration testing need not be confusing or onerous. Arian Eigen Heald, M.A., Ms.IA., CNE, CISA, CISSP I. Introduction Many

More information

Basic Network Configuration

Basic Network Configuration Basic Network Configuration 2 Table of Contents Basic Network Configuration... 25 LAN (local area network) vs WAN (wide area network)... 25 Local Area Network... 25 Wide Area Network... 26 Accessing the

More information

Securing E-Commerce. Agenda. The Security Problem IC Security: Key Elements Designing and Implementing. 3203 1346_06_2000_c1_sec3

Securing E-Commerce. Agenda. The Security Problem IC Security: Key Elements Designing and Implementing. 3203 1346_06_2000_c1_sec3 Securing E-Commerce 1 Agenda The Security Problem IC Security: Key Elements Designing and Implementing 2 The Security Dilemma Internet Business Value Internet Access Corporate Intranet Internet Presence

More information

General Network Security

General Network Security 4 CHAPTER FOUR General Network Security Objectives This chapter covers the following Cisco-specific objectives for the Identify security threats to a network and describe general methods to mitigate those

More information

Radware s Behavioral Server Cracking Protection

Radware s Behavioral Server Cracking Protection Radware s Behavioral Server Cracking Protection A DefensePro Whitepaper By Renaud Bidou Senior Security Specialist,Radware October 2007 www.radware.com Page - 2 - Table of Contents Abstract...3 Information

More information

Firewalls. Chapter 3

Firewalls. Chapter 3 Firewalls Chapter 3 1 Border Firewall Passed Packet (Ingress) Passed Packet (Egress) Attack Packet Hardened Client PC Internet (Not Trusted) Hardened Server Dropped Packet (Ingress) Log File Internet Border

More information

Appalachian Regional Commission Evaluation Report. Table of Contents. Results of Evaluation... 1. Areas for Improvement... 2

Appalachian Regional Commission Evaluation Report. Table of Contents. Results of Evaluation... 1. Areas for Improvement... 2 Report No. 13-35 September 27, 2013 Appalachian Regional Commission Table of Contents Results of Evaluation... 1 Areas for Improvement... 2 Area for Improvement 1: The agency should implement ongoing scanning

More information

Firewall Firewall August, 2003

Firewall Firewall August, 2003 Firewall August, 2003 1 Firewall and Access Control This product also serves as an Internet firewall, not only does it provide a natural firewall function (Network Address Translation, NAT), but it also

More information

Black Box Penetration Testing For GPEN.KM V1.0 Month dd "#$!%&'(#)*)&'+!,!-./0!.-12!1.03!0045!.567!5895!.467!:;83!-/;0!383;!

Black Box Penetration Testing For GPEN.KM V1.0 Month dd #$!%&'(#)*)&'+!,!-./0!.-12!1.03!0045!.567!5895!.467!:;83!-/;0!383;! Sample Penetration Testing Report Black Box Penetration Testing For GPEN.KM V1.0 Month dd "#$%&'#)*)&'+,-./0.-121.030045.5675895.467:;83-/;0383; th, yyyy A&0#0+4*M:+:#&*#0%+C:,#0+4N:

More information

Directory and File Transfer Services. Chapter 7

Directory and File Transfer Services. Chapter 7 Directory and File Transfer Services Chapter 7 Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP over traditional authentication systems Identify major

More information

Network Detective. HIPAA Compliance Module. 2015 RapidFire Tools, Inc. All rights reserved V20150201

Network Detective. HIPAA Compliance Module. 2015 RapidFire Tools, Inc. All rights reserved V20150201 Network Detective 2015 RapidFire Tools, Inc. All rights reserved V20150201 Contents Purpose of this Guide... 3 About Network Detective... 3 Overview... 4 Creating a Site... 5 Starting a HIPAA Assessment...

More information

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc. Company Co. Inc. LLC Multiple Minds, Singular Results LAN Domain Network Security Best Practices An integrated approach to securing Company Co. Inc. LLC s network Written and Approved By: Geoff Lacy, Tim

More information

8. Firewall Design & Implementation

8. Firewall Design & Implementation DMZ Networks The most common firewall environment implementation is known as a DMZ, or DeMilitarized Zone network. A DMZ network is created out of a network connecting two firewalls; i.e., when two or

More information

Expediting Incident Response with Foundstone ERS. Foundstone Inc. August, 2003

Expediting Incident Response with Foundstone ERS. Foundstone Inc. August, 2003 Expediting Incident Response with Foundstone ERS Foundstone Inc. August, 2003 Enterprise Risk Solutions Platform Supports Successful Response and Remediation Introduction The Foundstone Enterprise Risk

More information

3. Firewall Evaluation Criteria

3. Firewall Evaluation Criteria Firewall Management Prep. drd. Radu Constantinescu Academy of Economics Studies, Bucharest ABSTRACT Network connectivity can be both a blessing and a curse. On the one hand, network connectivity can enable

More information

Information Technology Security Procedures

Information Technology Security Procedures Information Technology Security Procedures Prepared By: Paul Athaide Date Prepared: Dec 1, 2010 Revised By: Paul Athaide Date Revised: September 20, 2012 Version 1.2 Contents 1. Policy Procedures... 3

More information