Network Security: Primary sources: RFC 2196, TCP/IP 24/7, CISSP

brokenroom - Networks and Communications

21 Nov 2013 (3 years and 8 months ago)



I. CIA


1. Confidentiality


2. Integrity


3. Availability

I. General Procedural outline


1. Identification


2. Authentication


3. Accountability


4. Authorization


5. Privacy



6. Identify what you are trying to protect


7. Determine what you are protecting it from


8. Determine likelihood of threats


9. Implement cost-effective security measures (Trade-off Analysis)



a. Decision tree of all security measures



b. Cost, including difficulty, operation tradeoffs, etc.


10. Continuous review of security



a. System log files




i. Network access




ii. Server access

II. Risk Assessment


1. Asset categories



a. Hardware



b. Software



c. Data



d. Documentation



e. Intelligence



2. Threats



a. External



b. Internal



3. Threat Matrix



a. Likelihood of attack



b. Impact of successful attack

III. Security Policy







IV. Security Architecture


1. Separation of Services



a. Servers: anonymous ftp, www interaction, xinet.d, init.d services, PortSentry



b. Topography: DMZ, Bastion Host, Firewall, “Corporate” LAN


2. Deny all / Allow all



a. Identify real, as opposed to desired, network requirements


3. DNS


4. Passwords




a. Length, content



b. Life



c. Kerberos


5. email, FTP, WWW, etc.


6. NFS


7. syslogd & its loghost

V. Access

1. Access

a. Physical

b. Walkup

c. Remote

i. Modems

ii. VPN

2. Auditing usage