Internet security requires vigilance against viruses, spam: new laws aim to protect computer users.

There is much talk today about the security of information, the availability of information, access to that information, the vulnerability of information and the vulnerability of the electronic media to infections or viruses. Add to this scenario the acute glut of unwanted information: spam.

It only takes a few scurrilous CEOs to make headlines and big brother jumps into the fray to protect us with new legislation like the Federal Information Security Management Act and Sarbanes-Oxley. The implication is that business and government offices are most at risk because they are a bigger target, and perhaps they are. Undoubtedly, when a major player like Microsoft, a bank, state or city network is compromised, it makes news. Justifiably so: when thousands of credit card users' account information falls into the wrong hands, it is newsworthy.

It is too bad that there are many intelligent, misguided ding dongs out there with seemingly nothing better to do than spam, slam and scare the everyday Internet user. These culprits come in all shapes and sizes and from all over the world. Alas, it is a World Wide Web and the cyber superhighway of information.

Computer security issues in today's marketplace focus on threats from external sources. Network administrators are on guard for vulnerabilities and ways to ensure that the perimeter is not breached, monitoring network traffic for unusual activities and anomalies. It is assumed that malicious intrusions and threats will come from external sources. That is not, however, a given. Some sources say the vast majority of attacks come from within, whether accidental or malicious in nature. The FBI says 71 percent of the unauthorized access to systems comes from insiders, based on a poll of 239 companies in 2000.

WHO'S AT RISK?
I recently participated in a FISMA-required audit, pushed into high gear because a server in a multi-country enterprise was compromised with attempted extortion. Coincidentally, midway through the review, an employee brought a home computer into the office. The night before, during her family's dinner hour, our friend had witnessed an unsolicited attack on that computer. With no one at the computer's keyboard, she said things started happening. Fortunately, her computer savvy prompted her to capture the events and she tried to communicate with the perpetrator. Initially she received a courteous response requesting permission to install software. Then the exchange turned nasty with foul language and threats to crash the operating system. Before unplugging the network connection and powering it down, she saved the exchange and was able to acquire an Internet protocol address of the intruder. We traced it to Romania.

Sure enough, there was unwanted software residing on the computer's hard drive, complete with five language translators, MAC cloning, e-mail replicating and an assortment of other nasty things. The program's author professed to be from Switzerland. Had she not intercepted the culprit in the act, her computer was set to spam everyone in its address book and send out pings to find other unprotected computers, including the company's intranet the next time she logged in.
The computer's firewall had been turned off because it was perceived to slow performance.

GOOD PROGRAMMERS WITHOUT A JOB OR JUST BAD APPLES?

What prompts someone to write such applications and then for another literate user to spend his or her time searching for computers halfway around the world to infest? The answer is well beyond the scope of this article and this magazine. Perhaps this is an argument for outsourcing. Keep hackers around the world gainfully employed and conceivably they will not have time to prey.
SAFE NET: IT'S ALL ABOUT FRONTLINE SECURITY

Any government agency that has completed a FISMA audit, or company required to comply with Sarbanes-Oxley, learns first-hand about its vulnerabilities and how to correct them. The top dogs in the industry are clamoring to find and offer solutions for the biggest of networks as well as the individual user. Microsoft XP's service pack two comes complete with a ready-made firewall and popup blocker. Antivirus vendors offer firewalls in addition to their standard antivirus fare.

A firewall is a security device that stands between a private network or individual computer and the outside network, with the intent to prevent unwanted traffic from passing in or out. A firewall can be a software application or part of a hardware device. The most popular antivirus vendors in this country are Norton and McAfee, but there are Panda and other commercial products and a multitude of freeware applications as well. The choices do not stop there. Virtually every commercial and home router is equipped with some level of firewall capabilities.

Proper setup and execution is a must. That's where network administrators come in. Current version control, configuration, patches, monitoring, and adherence to the strictest of rules are mandatory.
Every computer out there is subject to spyware, those little nasty cookies, and other hidden programs that permit aggressive advertising, data-mining, scumware, Trojans, parasites, malware, dialers, browser hijackers and tracking components. So far, even the best of firewalls do not protect every computer. Check out Lavasoft's Ad-Aware or Spybot as a couple of examples of honorable programmers taking the fight against spyware to the next level.

WHO'S ON THE NET OR LAN?

The corporate or business network is not limited to only company-owned and -controlled computers anymore. In fact, the META Group projects 60 percent of enterprises will implement guest access by next year. More and more companies allow visiting computers, as well as company computers, to roam and come back to log onto the local grid. Businesses large and small require enterprise-class security on both wired and wireless networks.

There are three enforcement mechanisms supporting Network Admission Control:

1. Gateway IP: Enforces network admission control using EAPoUDP on L3 ports
2. LAN Port IP: Enforces network admission control using EAPoUDP on L2 ports
3. LAN Port 802.1X: Enforces network admission control using 802.1X on L2 ports

Even Cisco is initiating a more active role in the anti-spam arena. "Since all this (spam) traffic is running on Cisco networks in large part, many customers often ask, 'Why can't Cisco do something about it?'" says Sanjay Rol, senior vice president and director of Cisco's Anti-Spam Initiative. Cisco and Yahoo are merging separate e-mail verification technologies into one called DomainKeys Identified Mail (DKIM).
Both companies had worked on these technologies for more than a year. Microsoft is developing Sender ID. These proposed standards are before the Internet Engineering Task Force.

Cisco says DKIM and its anti-spam efforts are not designed to make money, at least, not for now. "Our efforts have not been about creating a product. It has been about providing some thought leadership in the industry and to protect the Internet from more abuse," Rol says.

Some experts suggest leaving anti-spam development technology to the application companies and smaller vendors. There is, however, solace in the fact that industry leaders are not idly standing by as our inboxes are flooded with unsolicited, unwanted, tactless and tasteless e-mail.
ANCHORAGE CITY EMPLOYEES FILTER E-MAIL SPAM

The Municipality of Anchorage recently employed Proofpoint Messaging Security Gateway[TM] to rid its network of massive quantities of incoming spam messages. Employees at Alaska's largest municipality regularly communicate via e-mail and the influx of unsolicited and offensive spam e-mails is a point of concern for employees and management.

According to a city press release, spam was accounting for more than 70 percent of the city's incoming e-mail. The information technology department could not effectively manage the problem, so it decided to test and deploy the Proofpoint Messaging Security Gateway appliance.

"Compared to all the time we used to invest in managing spam, the entire process is very simple now," says Jose Roman
The vision of managing a network to key security standards and guidelines parallels FISMA's vision of network management:

1. Security categorization of information and information systems;
2. Selection of appropriate security controls for information systems;
3. Verification of security control effectiveness and determination of information system vulnerabilities; and
4. Operational authorization for processing (security accreditation) of information systems.

To achieve these goals, primo network management means:

1. More consistent, comparable and repeatable evaluations of security controls applied to information systems;
2. A better understanding of enterprise-wide mission risks resulting from the operation of information systems;
3. More complete, reliable and trustworthy information for authorizing officials, facilitating more informed security accreditation decisions;
4. More secure information systems.

SECURITY CHECK LIST

A White Paper issued by Tripwire of Portland, Ore., recommends a layered security strategy that includes policy and procedures to address:

1. SYSTEM MISCONFIGURATION
2. EXTERNAL THREATS
3. INTERNAL USERS
4. AN EFFECTIVE SECURITY POLICY
5. THEFT
6. FRAUD
7. PROPRIETARY INFORMATION
8. HUMAN ERROR

Proper network management must include antivirus protection, fortified firewalls, intrusion detection, authentication, regular vulnerability assessment scans and good, proactive information security management.

THERE IS MORE THAN BUGS AND LUNCHMEAT

If viruses and spam were not enough, there is phishing and pharming clogging the portals of the Internet. In recent months, hackers have proven there's reason for concern about these types of attacks. While phishing solicits pertinent and personal information, pharming misdirects Web users of trusted brands to phony storefronts set up to harvest IDs. The solution here is to protect the network's DNS servers and domains from being manipulated by pharmers. Some best practices include separate name servers on different network segments, separate external and internal name servers, removing unnecessary services running on DNS servers and using firewall services.

KEEP THE NETWORK UP

Good security management avoids embarrassing downtime, loss of data, compromised information, the loss of reputation and business. The last thing any business or agency needs is adverse publicity in the popular media.
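
Three of the DNS best practices listed in the pharming section above (name servers on different segments, separate external and internal servers, no unnecessary services) can be checked against a server inventory. The sketch below is an added example, not part of the original article; the inventory, the /24 segment size and the allowed-service list are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed inventory for illustration; not data from the article.
NAME_SERVERS = [
    {"name": "ns1", "ip": "192.0.2.10", "views": {"external"}, "services": {"dns"}},
    {"name": "ns2", "ip": "192.0.2.20", "views": {"external"}, "services": {"dns", "smtp"}},
    {"name": "ns-int1", "ip": "10.0.1.5", "views": {"internal"}, "services": {"dns", "ssh"}},
    {"name": "ns-int2", "ip": "10.0.2.5", "views": {"internal", "external"},
     "services": {"dns", "http"}},
]

SEGMENT_PREFIX = 24                 # assumption: one IPv4 /24 per network segment
ALLOWED_SERVICES = {"dns", "ssh"}   # assumption: ssh is kept for administration


def segment_of(ip, prefix=SEGMENT_PREFIX):
    """Return the network segment an address falls in."""
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)


def audit_name_servers(servers):
    """Return sorted (rule, server names, detail) findings for the three practices."""
    findings = []

    # Practice 1: name servers should sit on different network segments.
    by_segment = defaultdict(list)
    for srv in servers:
        by_segment[segment_of(srv["ip"])].append(srv["name"])
    for seg, names in by_segment.items():
        if len(names) > 1:
            findings.append(("shared-segment", tuple(sorted(names)), str(seg)))

    for srv in servers:
        # Practice 2: external and internal resolution belong on separate servers.
        if {"internal", "external"} <= srv["views"]:
            findings.append(("mixed-role", (srv["name"],), "internal+external"))
        # Practice 3: a DNS host should run nothing beyond the required services.
        extra = srv["services"] - ALLOWED_SERVICES
        if extra:
            findings.append(("extra-service", (srv["name"],), ",".join(sorted(extra))))

    return sorted(findings)


if __name__ == "__main__":
    for rule, names, detail in audit_name_servers(NAME_SERVERS):
        print(f"{rule:15} {', '.join(names):12} {detail}")
```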