Solutions Fast Track - Monitoring and Intrusion

Discussion in 'Cisco' started by arigano.spagety@gmail.com, Jul 21, 2008.

  1. Guest

    Dear Reader,

    Designing for Detection
    ----------------------------
    - Get the right equipment from the start. Make sure all of the
    features you need, or will need, are available from the start.

    - Know your environment. Identify potential physical barriers and
    possible sources of interference.

    - If possible, integrate security monitoring and intrusion detection
    in your network from its inception.

    Defensive Monitoring Considerations
    ------------------------------------------
    - Define your wireless network boundaries, and monitor to know if
    they’re being exceeded.

    - Limit signal strength to contain your network.

    - Make a list of all authorized wireless Access Points (APs) in your
    environment. Knowing what’s there can help you

    immediately identify rogue APs.

    Intrusion Detection Strategies
    -----------------------------------
    - Watch for unauthorized traffic on your network. Odd traffic can be a
    warning sign.

    - Choose an intrusion detection software that best suits the needs of
    your environment. Make sure it supports customizable

    and updateable signatures.

    - Keep your signature files current.Whether modifying them yourself,
    or downloading updates from the manufacturer, make sure

    this step isn’t forgotten.

    Conducting Vulnerability Assessments
    -------------------------------------------
    - Use tools like NetStumbler and various client software to measure
    the strength of your 802.11b signal.

    - Identify weaknesses in your wireless and wired security
    infrastructure.

    - Use the findings to know where to fortify your defenses.

    - Increase monitoring of potential trouble spots.

    Incident Response and Handling
    --------------------------------------
    - If you already have a standard incident response policy, make
    updates to it to reflect new potential wireless incidents.

    - Great incident response policy templates can be found on the
    Internet.

    - While updating the policy for wireless activity, take the
    opportunity to review the policy in its entirety, and make

    changes where necessary to stay current. An out-of-date incident
    response policy can be as damaging as not having one at all.

    Conducting Site Surveys for Rogue Access Points
    -------------------------------------------------------
    - The threat is real, so be prepared. Have a notebook computer handy
    to use specifically for scanning networks.

    - Conduct walkthroughs of your premises regularly, even if you don’t
    have a wireless network.

    - Keep a list of all authorized APs. Remember, Rogue APs aren’t
    necessarily only placed by attackers.A well-meaning employee

    can install APs as well.

    --- Thank You ---

    James Conack
    http://www.centronet.uni.cc
     
    , Jul 21, 2008
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mysteron

    Fast Track Certification

    Mysteron, Feb 8, 2006, in forum: MCSE
    Replies:
    58
    Views:
    5,112
    bill_k_lopez
    Jun 14, 2006
  2. Chris Croughton as Control

    FAST-TRACK of uk.telecom.voip

    Chris Croughton as Control, Apr 5, 2005, in forum: VOIP
    Replies:
    0
    Views:
    484
    Chris Croughton as Control
    Apr 5, 2005
  3. D@Z

    insert track reference in mp3 track

    D@Z, May 2, 2008, in forum: Computer Support
    Replies:
    1
    Views:
    861
    Shel-hed
    May 2, 2008
  4. Replies:
    0
    Views:
    330
  5. Barkley Hughes
    Replies:
    5
    Views:
    449
    Keyboard
    Nov 12, 2006
Loading...

Share This Page