March 26, 2004

Ten tips for better network security

From O'Reilly Publishing:

"Top Ten Tips to Make Attacker’s Lives Hell" by Chris McNab, author of Network Security Assessment

"I run a lot of penetration testing exercises against client networks and systems. A lot of the time, testing is relatively straightforward, as the network administrator is not filtering ICMP traffic, and my network scans are not proactively blocked. I love this type of testing, as it's easy and quick to undertake.

"What I don't like, however, is when security-conscious administrators lay down a number of hurdles between me and the target systems. In these situations, a test that would usually take two days to undertake now takes a week's worth of my time! By laying down such hurdles, you can force attackers (and security consultants) to go to much more effort in trying to map your networks, identify services, and applications, and effectively attack and compromise them."

Very good stuff here -- if you have a permanent connection to the internet and keep your computers on all the time, these would be a great idea to implement.

Posted by DaveH at March 26, 2004 1:02 PM