Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > C Programming > Solutions Fast Track - Monitoring and Intrusion

Thread Tools

Solutions Fast Track - Monitoring and Intrusion
Posts: n/a
Dear Reader,

Designing for Detection
- Get the right equipment from the start. Make sure all of the

features you need, or will need, are available from the start.

- Know your environment. Identify potential physical barriers and

possible sources of interference.

- If possible, integrate security monitoring and intrusion

detection in your network from its inception.

Defensive Monitoring Considerations
- Define your wireless network boundaries, and monitor to know if

theyíre being exceeded.

- Limit signal strength to contain your network.

- Make a list of all authorized wireless Access Points (APs) in

your environment. Knowing whatís there can help you immediately

identify rogue APs.

Intrusion Detection Strategies
- Watch for unauthorized traffic on your network. Odd traffic can

be a warning sign.

- Choose an intrusion detection software that best suits the needs

of your environment. Make sure it supports customizable and

updateable signatures.

- Keep your signature files current.Whether modifying them

yourself, or downloading updates from the manufacturer, make sure

this step isnít forgotten.

Conducting Vulnerability Assessments
- Use tools like NetStumbler and various client software to

measure the strength of your 802.11b signal.

- Identify weaknesses in your wireless and wired security


- Use the findings to know where to fortify your defenses.

- Increase monitoring of potential trouble spots.

Incident Response and Handling
- If you already have a standard incident response policy, make

updates to it to reflect new potential wireless incidents.

- Great incident response policy templates can be found on the


- While updating the policy for wireless activity, take the

opportunity to review the policy in its entirety, and make changes

where necessary to stay current. An out-of-date incident response

policy can be as damaging as not having one at all.

Conducting Site Surveys for Rogue Access Points
- The threat is real, so be prepared. Have a notebook computer

handy to use specifically for scanning networks.

- Conduct walkthroughs of your premises regularly, even if you

donít have a wireless network.

- Keep a list of all authorized APs. Remember, Rogue APs arenít

necessarily only placed by attackers.A well-meaning employee can

install APs as well.

--- Thank You ---

James Conack
Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Solutions Fast Track - Monitoring and Intrusion Java 1 07-21-2008 08:49 AM
Solutions Fast Track - Monitoring and Intrusion Digital Photography 0 07-21-2008 02:50 AM
Solutions Fast Track - Monitoring and Intrusion ASP .Net 0 07-21-2008 02:49 AM
Solutions Fast Track - Monitoring and Intrusion Python 0 07-21-2008 02:48 AM
Solutions Fast Track - Monitoring and Intrusion C++ 0 07-21-2008 02:47 AM