A troubleshooting guide would be helpful. that should include -tools for monitoring network traffic to ensure a compromise has been remediated(more applicable to server compromises where its hard to wipe everything). wireshark/tcpdump -understanding exploit kits and the typical internet crime that small businesses run into. if a small business can get everyone in the habit of using noscript they can prevent the vast majority of crap. -handling host infections and abuse complaints(where some attacker is hijacking your bandwidth and the victims complain to you)
user education is a potential advantage for small businesses, because they have much fewer numbers to contend with. Having all due-diligence in a checklist format would be very friendly for time-limited IT people. also a section for the targeted attacks and how to recognize a sustained campaign against you, with the large caveat that this only applies if you're a very large corporation or have somehow managed to involve yourself with a nation state or hacker group, or handle data for someone that has. the only reason for this section is because 99% of the small business people I've seen worried about this aren't likely going to be in the crosshairs, so the paranoia isn't justified. also a section for mistakes small business often makes. i see this stuff a lot, where they think that portscanning is a scary attack, and how you can block attacker IPs on your firewall(or worse, your IPS). or how some want to address every vuln scan individually instead of implementing a proper patching regimen. groan. let us know when it's finished. i want to send it to certain people. -a On Sun, Dec 2, 2012 at 8:00 PM, Hevnsnt <[email protected]> wrote: > Something that I find is that small (service-based) businesses often keep > way too much client data on field laptops on unencrypted drives. > > > On Dec 2, 2012, at 6:43 PM, Bugbear <[email protected]> wrote: > > I would also mention process < having a process in place for new employes > / terminations in regard to user accounts and rights > Also hardening the host - OS firewall, local rights, turning off default > surfaces > > On Sun, Dec 2, 2012 at 10:57 AM, TheTolik <[email protected]> wrote: > >> I am working on creating a guide to IT Security to help companies without >> or with a minimal IT budget protect themselves and their customers, and am >> looking for community's input into the topics that should be discussed. >> >> I also see a lot of value in including recommendations for applicable >> tools/technologies that are easily accessible, easy to use, and yet >> effective, with strong affinity towards open source, and therefore would be >> very appreciative for input on per-topic basis. >> >> So far in regards to the topics, I have (In no particular order) >> >> - Security Awareness and High Level Training >> - Account Management / Password Management / Local Admin Rights >> - Email Etiqute, Email Threats, and Email Security >> - Network and System Vulnerability Scanning/Patching >> - Network Security (Firewalls) >> - Backups and Backup Security >> - Wireless and WiFi Security >> - System Security, AV/HIPS >> - Website Security and Web/Application Security Testing >> - Sensitive Information and Applicable Laws, Regulations, and Compliance >> Requirements >> >> Any valuable input would be greatly appreciated. >> >> Thanks, >> >> Andy | oxbeef >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > -- _________________________________ Note to self: Pillage BEFORE burning.
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
