is, indeed, fixed and no new holes are opened up in the process. There are a number of
commercial products on the market, such as NAI CyberCop and ISS Internet Scanner, but
open source tools like NESSUS and SAINT should not be overlooked.
5.3.5. Recovery
The key point to consider in the recovery phase is to ensure you are not restoring
vulnerable code that has already proven itself to be exploitable by any number of attack
methods. If you restore the system from tape backup, then you could be restoring a
previous state that contained the vulnerability. Before the system can be brought back
into production, the incident handler needs to validate the system. Removing the
vulnerability could have affected other functions of the system that are critical to the
business. There is always a possibility that a reinfection could occur. Therefore, the
system should be monitored closely for the first few hours of operation.
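The validation step described above can be expressed as a gate that compares the restored host's software inventory with the versions that contain the fix. This is an added example, not code from the original paper; the function names, component names, versions and dates are assumptions constructed for illustration.

```python
from datetime import datetime

def parse_version(text):
    """Turn a dotted numeric version such as '2.4.10' into a tuple of ints."""
    return tuple(int(part) for part in text.strip().split("."))

def is_older(installed, fixed):
    """True if `installed` sorts before `fixed`; '2.4' and '2.4.0' are equal."""
    a, b = parse_version(installed), parse_version(fixed)
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) < b + (0,) * (width - len(b))

def validate_restore(installed, fixed_minimums, backup_taken, fix_released):
    """Return blocking findings and warnings for a restored host."""
    report = {"blocking": [], "warnings": []}
    if backup_taken < fix_released:
        report["warnings"].append(
            "backup predates the fix; the restored image held the vulnerable state")
    for name, minimum in sorted(fixed_minimums.items()):
        have = installed.get(name)
        if have is None:
            report["blocking"].append(f"{name}: not in inventory, fix unconfirmed")
            continue
        try:
            if is_older(have, minimum):
                report["blocking"].append(
                    f"{name}: {have} is older than fixed {minimum}")
        except ValueError:
            # Unparseable versions are treated as unverified, never as safe.
            report["blocking"].append(
                f"{name}: cannot compare {have!r} with {minimum!r}")
    return report

# Constructed sample data: component names, versions and dates are placeholders.
SAMPLE_INSTALLED = {"webserver": "2.4.10", "tls-lib": "1.1", "mail-agent": "3.2-beta"}
SAMPLE_FIXED = {"webserver": "2.4.12", "tls-lib": "1.1.0",
                "mail-agent": "3.2.1", "dns-cache": "9.0"}
SAMPLE_REPORT = validate_restore(SAMPLE_INSTALLED, SAMPLE_FIXED,
                                 backup_taken=datetime(2024, 1, 5),
                                 fix_released=datetime(2024, 1, 20))

if __name__ == "__main__":
    for level, items in SAMPLE_REPORT.items():
        for item in items:
            print(f"{level}: {item}")
```

A host returns to production only when the blocking list is empty; a warning alone means the patches were re-applied after the restore and the close monitoring period still applies.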
6. CONCLUSION
The Internet and the applications running on it are growing fast, as are the flaws and
vulnerabilities of the tools. In this paper, a roadmap is proposed for building a secure
computer network system. The roadmap consists of the following steps:
6.1 Analysis phase
• Risk analysis of the network and assets
6.2 Design phase
• Establishing the security policy
• Designing the network using security-tested products with proper configurations
• Establishing a proper perimeter protection structure, securing operating systems,
  application software and protocols
• The usage of the proper crypto devices with the proper key management systems
  in WANs
• Reviewing the design with system security concepts in mind (hacker view)
6.3 Operation phase
• Monitoring and logging the network
• Establishing a CERT team
• Performing periodic system security tests and audits