Network security could not be more relevant or more crucial than right now. The Internet, with all its advantages, is a tremendous resource for sharing information, for selling merchandise and services, and for buying with maximum selection and convenience. The Internet, however, also brings us into proximity with criminals and mischief-makers.
Over the past few weeks, Local Tech Wire has featured a series of articles on network security. This final article on the subject is an executive summary of the content of the series. A link to the full text article is provided near the end of each summary subject area.
Attack vehicles and the threats they carry:
Viruses, worms, and Trojan horses are pre-programmed threats that aim to disrupt rather than steal. If you eliminate these ‘vehicles’, the threats they carry become irrelevant to network security. Antivirus software and user education are the keys to meeting these threats.
Another threat that is more difficult is the hacker who knows the system and its vulnerabilities and is frequently probing for opportunities to slip into your network. Only a sound security policy, strong security measures, and well informed users prevent a sharp hacker form compromising network defenses.
See Part 1, Taking a Look at Treats and Attack Vehicles: www.localtechwire.com/articles.cfm?c=525
Once an intruder has breached network defenses, detection and quick response are critical. Several key areas driving early detection include effective system monitoring, awareness of inappropriate changes, and verification of system software including monitoring software.
See Part 2, An Intrusion Detection System Could Be the Solution: www.localtechwire.com/articles.cfm?c=665
A speedy analysis of all available network information, to isolate and contain the attack, is of key importance once a compromise is detected. Collecting and protecting information contained in system logs and other monitoring files are crucial for future prosecution.