Security and Privacy in a Networked World/Technology: A mighty knight with no pants: Difference between revisions

Source: KakuWiki
Line 9: Line 9:
== Tools ==
== Tools ==


* Firewalls
=== Firewalls ===
 
The [http://www.interhack.net/pubs/fwfaq/ Firewall FAQ] defines firewall as "a system or group of systems that enforces an access control policy between two or more networks". Essentially, it has two main methods of access control:
* blocking - stopping traffic that is deemed unwanted - e.g. coming from suspicious addresses (an example: some admins block everything coming from Nigeria).
* permitting - guaranteeing safe passage for known good traffic - e.g. local servers or universally-used services.
 
A firewall is similar to a container - in the sense that the content (not the vessel) is what matters. Properly configured firewalls are very effective, misconfigured ones are ineffective or sometimes inhibiting. Effective use of firewalls also includes a general policy about what kind of traffic is acceptable and what is not - thus being a good proof for the Mitnick's maxim "technology, training, policies". In an ideal case, the access control rules in a firewall are a concentrated version of the overall access policy.
 
Firewalls are effective tools for regulating traffic and providing single 'gates' with checkpoints (that are easier to supervise and log) into computer systems. However, they cannot protect against various security risks which bypass them, e.g.
* removal/theft of data on physical media (e.g. by stealing a USB stick)
* attacks from inside - whether involving espionage, sabotage or plain stupidity
* faulty or Trojan horse applications - e.g. a critical hole in Microsoft Internet Explorer
* poor policies which render them ineffective
* ... and, of course, PIBKAC
 
 
 
* Vulnerability scanners
* Vulnerability scanners
* Intrusion detection systems
* Intrusion detection systems
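
Review bot: the new Firewalls paragraph quotes Mitnick's maxim as "technology, training, policies", while the epigraph of the same page reads "Technology, training, procedures"; pick one wording and use it in both places. In the last bullet of the list of risks that bypass a firewall, "PIBKAC" is never expanded, so spell it out on first use for readers who do not know the acronym.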

Revision as of 06:47, 26 April 2014

Mitnick: Technology, training, procedures

Introduction

The metaphor used in the title is unfortunately valid for many places - some (more visible) parts could be well-protected, while others that are not so visible are in deep neglect.

...

Tools

Firewalls

The Firewall FAQ defines a firewall as "a system or group of systems that enforces an access control policy between two or more networks". Essentially, it has two main methods of access control:

  • blocking - stopping traffic that is deemed unwanted, e.g. traffic coming from suspicious addresses (for example, some admins block everything coming from Nigeria).
  • permitting - guaranteeing safe passage for known good traffic - e.g. local servers or universally-used services.

A firewall is similar to a container in the sense that the content (not the vessel) is what matters. Properly configured firewalls are very effective; misconfigured ones are ineffective or sometimes inhibiting. Effective use of firewalls also includes a general policy about what kind of traffic is acceptable and what is not, which makes firewalls a good proof of Mitnick's maxim "technology, training, policies". In the ideal case, the access control rules in a firewall are a concentrated version of the overall access policy.
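
As an added illustration (not part of the original wiki text), the sketch below models blocking and permitting as an ordered rule list and shows how the same two rules in the wrong order make the firewall ineffective. First-match evaluation and blocking by default are assumptions of this model; the Rule class, the function names and the addresses (documentation ranges) are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "block"
    source: str            # CIDR range the source address must fall in
    port: Optional[int]    # destination port, or None for any port

    def matches(self, src: str, port: int) -> bool:
        in_net = ipaddress.ip_address(src) in ipaddress.ip_network(self.source)
        return in_net and (self.port is None or self.port == port)

    def covers(self, other: "Rule") -> bool:
        """True if every packet matched by `other` is also matched by self."""
        inside = ipaddress.ip_network(other.source).subnet_of(
            ipaddress.ip_network(self.source))
        return inside and (self.port is None or self.port == other.port)

def decide(rules, src, port):
    """First matching rule wins; traffic that no rule mentions is blocked."""
    for rule in rules:
        if rule.matches(src, port):
            return rule.action
    return "block"

def shadowed(rules):
    """Rules that can never fire because an earlier rule covers them."""
    return [later for i, later in enumerate(rules)
            if any(earlier.covers(later) for earlier in rules[:i])]

# Constructed policy: block one unwanted range, permit HTTPS for everyone else.
# Addresses are RFC 5737 documentation ranges, not real hosts.
GOOD = [
    Rule("block", "203.0.113.0/24", 443),
    Rule("permit", "0.0.0.0/0", 443),
]
# Misconfiguration: identical rules, but the broad permit is evaluated first.
MISORDERED = list(reversed(GOOD))
```

Running `shadowed()` over a rule list before deploying it is a cheap check that every blocking rule in the written policy can still take effect.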

Firewalls are effective tools for regulating traffic and providing single 'gates' with checkpoints (that are easier to supervise and log) into computer systems. However, they cannot protect against various security risks which bypass them, e.g.

  • removal/theft of data on physical media (e.g. by stealing a USB stick)
  • attacks from inside - whether involving espionage, sabotage or plain stupidity
  • faulty or Trojan horse applications - e.g. a critical hole in Microsoft Internet Explorer
  • poor policies which render them ineffective
  • ... and, of course, PIBKAC


  • Vulnerability scanners
  • Intrusion detection systems
  • Logging and auditing
  • Password checkers
  • Sniffers

---

Additional reading and links

  • ANONYMOUS. Maximum Security: A Hacker's Guide to Protecting Your Internet Site and Network. 3rd ed. Sams Publishing, 2001.
  • MCCARTHY, Linda. IT Security: Risking the Corporation. Prentice Hall, 2001.
  • Internet Firewalls: Frequently Asked Questions. http://www.interhack.net/pubs/fwfaq/


...