Guys, I may be offside here, but although I see many great things in that
list, I see it as very high maintenance. When you are looking after 300
users across 40 sites it would be too difficult to maintain.

Here is my list, much more simple, much easier to maintain, however almost
as secure.

1. Develop good SOE, set up primary user as local admin.
2. Spend time developing your Firewall at all points of access to the
internet
3. Implement a proxy server and block what you desire.
4. Ensure all of your internet based systems are secure, use Tripwire or
other IDS's.
5. Don't use a Standard Linux operating system (i.e. Redhat, Mandrake, SuSe
etc); use a different non X-Windows distro.
6. Install Anti-Virus software on all PCs (Norton seems good) and ensure it
is updated regularly.
7. Install good mail scanning software, and ensure it updates at least
nightly.


On my network I have 5 points of access to the internet, and I am on US ip
addressing rather than Australian (meaning I get port scanned more than the
guy down the road). I don't go the whole Security through obscurity; however,
I do go down that path to some extent.

Thus I have gone 2 years with only one incident.

My mail scanning software (which has since been replaced) fell over and Klez
infected 2 PCs.

Anyways, it's food for thought.

-----Original Message-----
From: Chris Berry [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 19, 2002 6:05 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: Defense plan


>That's quite a list of improvements. I am actually saving it as a
>reference.

I've done quite a bit of it already, but there is always room for
improvement.  Would you believe that everyone had the same password when I
got here?  Speaking of passwords, I forgot to add:

25) Require passwords meet complexity rules, and be changed on a regular
basis.

>What about physical server security, backups, backup tape storage and
>access? Don't know if these are even an issue, but I figured I'd drop them
>in just in case.

I have considered physical security, but I forgot to add it to my list, good
point.  I have a backup plan, and while I consider backups very important, I
didn't really think they were part of my security setup, other than as part
of the physical security issue, and virus scanning. So to sum up:

26) Ensure physical security prevents unauthorized access.

Oh, and I've been removing the cd-rom and disk drives from the workstations
to help prevent software installation.  I guess that's:

27) Remove external input devices such as cd-roms and disk drives where
possible


Chris Berry
[EMAIL PROTECTED]
Systems Administrator
JM Associates

"I have found the way, and the way is Perl."

