Security

[npoe1]

How do you make to ensure that your network is hacker proof, or at least how do you try to be the safest that you can be?

My boss asked to make some test and try to fix the vulnerabilities, but I really don?t know how to start checking for the vulnerabilities and forget about know how to fix them.

 

[n0cmonkey]

Get a consultant. There are plenty of Managed Security Services Providers out there that can help you out.

 

[p0lar]

Get a consultant. There are plenty of Managed Security Services Providers out there that can help you out.

Sound advice until you're certain of what you're up against, and I'll add that it's good practice to get more than one quote even if you have to pay the price of network evaluation in triplicate.

P.S. n0cmonkey: +1 OpenBSD

 

[KuJoe]

Only way to make a computer "hacker proof" is to unplug everything on it and shoot it into orbit in hopes that it will find its way to a remote solar system that is uninhabitable by any living or robotic thing... glad you're not asking for the impossible or this would be a hard question to answer.

Now for a realistic answer, putting computers behind a hardware firewall is a great start... if you have a nice security team monitoring it. Make sure all servers and workstations stay up to date on patches also, once a week Microsoft issues new security patches (my IT team calls it Patch Tuesday even though we don't release them until after they are tested and pass compliance).

 

[HKSturboKID]

I thought M$ release patches once a month. I might be wrong on this one cause we have to patches going out to workstations and servers all bundle up for a monthly push.

 

[KuJoe]

We get patches from MS every Tuesday, we don't patch the workstations every week though, sometimes we release 3-4 weeks worth of patches at once (sounds like your company does the same). We don't get our patches from the Windows Update site or anything like that so many our contracts may differ from your companies. When it comes to Microsoft it's anyone's guess.

 

[stash]

MS does not release security updates on a weekly basis.

MS security updates are released every second Tuesday of the month (this is where the term Patch Tuesday comes from). There are rare out of band releases, but it is almost always once a month. The distribution method doesn't matter, they are released to WU/MU/AU, SMS, WSUS, etc simultaneously.

 

[KuJoe]

Originally posted by: stash
MS does not release security updates on a weekly basis.

MS security updates are released every second Tuesday of the month (this is where the term Patch Tuesday comes from). There are rare out of band releases, but it is almost always once a month. The distribution method doesn't matter, they are released to WU/MU/AU, SMS, WSUS, etc simultaneously.

Interesting... I wonder what other patches we are getting in then...

 

[Lemon law]

Network security is no different than the security for any one given PC---so you need a layered defense and can go to forums like spyware warriors or castle cops for good basic tips.

The other key to remember is that your defenses will be no stronger than its weakest link---which will usually end up the people on your network that will fall for every social engineering
trick that comes down the pike. So shutting down universal access becomes priority #1. With monitoring what is allowed to install being priority #2. It would be nice if a firewall could be a total protection---but if something gets by that layer---best be prepared to prevent its spread.

Owning a network is hacker goal #1.

 

[cmetz]

npoe1, I would suggest doing some Internet and/or book research first. You're asking an extremely broad question that tells me that you need to do some learning before you'd really know even what questions to ask.

At this point, you would be easy prey for a bad security consultant, and there are many more of those than good ones.

 

[stash]

Interesting... I wonder what other patches we are getting in then...

Are you running NT4? The only possibility I can think of is you have a an NT CSA. I have no idea if NT CSA release patches on a different schedule, and even if I did, I wouldn't be posting that info on a public forum. And if you do have a CSA, you are bound by an NDA and should not be discussing it here.

Either that or they are not security updates, maybe hotfixes of some kind. But there is no schedule for those sorts of updates.

 

[KuJoe]

Not using NT4 and avoided saying anything that could get me in trouble.

As for the other patches, I'm guessing they are for other applications/products... our ITSEC department doesn't really tell us what patches we're receiving/pushing, they just let us know when we're getting them.

 

[blemoine]

npoe1: you told us so little about your network that it is impossible to answer a question like that. i am guessing that your network is very small. if this is the case then how secure your network becomes will be limited by cost and office politics. network security is a blend of the right equipment and the right practices. that is about it. in a small office it is hard to get either to go over well. good luck

my best advice would be to hire a consultant.