80 Chapter 3

Accounting refers to the recording, logging, and archiving of all server activity, especially activity related to access attempts and whether they were successful. This information should be written into audit logs that are stored and available any time you want or need to view them. The audit logs should contain, at minimum, the following information:

· The user's identity
· The date and time of the request
· Whether the request passed authentication and was granted

Any network security system you put into place should store, or archive, these logs for a specified period of time and allow you to determine for how long these archives will be maintained before they start to age out of the system.

Keeping Current

One of the best ways to stay ahead is to not fall behind in the first place. New systems with increasing sophistication are being developed all the time. They can incorporate a more intelligent and autonomous process in the way the system handles a detected threat, a faster and more easily accomplished method for updating threat files, and configuration flexibility that allows for very precise customization of access rules, authentication requirements, user role assignment, and how tightly it can protect specific applications.

Register for newsletters, attend seminars and network security shows, read white papers, and, if needed, contract the services of network security specialists. The point is, you shouldn't go cheap on network security. The price you pay to keep ahead will be far less than the price you pay to recover from a security breach or attack.

13. Conclusion

Preventing network intrusions is no easy task. Like cops on the street--usually outnumbered and underequipped compared to the bad guys--you face an enemy with determination, skill, training, and a frightening array of increasingly sophisticated tools for hacking their way through your best defenses. And no matter how good your defenses are today, it's only a matter of time before a tool is developed that can penetrate them. If you know that ahead of time, you'll be much more inclined to keep a watchful eye for what "they" have and what you can use to defeat them.

Your best weapon is a logical, thoughtful, and nimble approach to network security. You have to be nimble--to evolve and grow with changes in technology, never being content to keep things as they are because "Hey, they're working just fine." Today's "just fine" will be tomorrow's "What the hell happened?"

www.syngress.com
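The minimum audit-log contents and the retention period described under Accounting can be checked mechanically. The following is an added example, not code from the book: it rejects records that lack the identity, the time, or the outcome, and separates records that have aged past the retention window. The JSON-lines layout, the field names and the 90-day window are assumptions.

```python
import json
from datetime import datetime, timedelta, timezone

REQUIRED = ("user", "timestamp", "authenticated", "granted")  # assumed field names

def parse_record(line):
    """Return (record, None) for a complete audit line, else (None, reason)."""
    try:
        rec = json.loads(line)
        missing = [f for f in REQUIRED if rec.get(f) in (None, "")]
    except (json.JSONDecodeError, AttributeError):
        return None, "not a JSON object"
    if missing:
        return None, "missing " + ",".join(missing)
    if not all(isinstance(rec[f], bool) for f in ("authenticated", "granted")):
        return None, "outcome fields must be booleans"
    try:
        ts = datetime.fromisoformat(rec["timestamp"])
    except (TypeError, ValueError):
        return None, "bad timestamp"
    if ts.tzinfo is None:  # an ambiguous time is useless when correlating events
        return None, "timestamp lacks a time zone"
    rec["timestamp"] = ts
    return rec, None

def review(lines, now, retention_days):
    """Split lines into retained records, aged-out records and rejected lines."""
    cutoff = now - timedelta(days=retention_days)
    kept, aged_out, rejected = [], [], []
    for n, line in enumerate(lines, 1):
        rec, reason = parse_record(line)
        if rec is None:
            rejected.append((n, reason))   # keep the line number for follow-up
        elif rec["timestamp"] < cutoff:
            aged_out.append(rec)           # candidate for archive expiry
        else:
            kept.append(rec)
    return kept, aged_out, rejected

# Constructed sample lines (not real log data).
SAMPLE = [
    '{"user": "alice", "timestamp": "2024-05-01T09:15:00+00:00", "authenticated": true, "granted": true}',
    '{"user": "bob", "timestamp": "2024-05-01T09:16:30+00:00", "authenticated": false, "granted": false}',
    '{"user": "", "timestamp": "2024-05-01T09:17:00+00:00", "authenticated": true, "granted": false}',
    '{"user": "carol", "timestamp": "2023-01-10T22:00:00+00:00", "authenticated": true, "granted": true}',
    '{"user": "dave", "timestamp": "2024-05-01T09:18:00", "authenticated": true, "granted": true}',
]
NOW = datetime(2024, 5, 2, tzinfo=timezone.utc)
print(review(SAMPLE, NOW, retention_days=90)[2])  # rejected lines with reasons
```

Failed attempts such as the second sample line are retained like any other record, since the text calls for logging access attempts whether or not they succeeded.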