• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Network Security- research paper help please

W

Willoughbyva

Diamond Member
Hello I have to do a research paper on network security. I need some primary sources, so I thought I would try here.

The paper focuses on Intranet network security. I have a couple of questions.

Can a Intranet be secure?

What steps should be taken?

What type of firewall should be used?

What type of monitoring software should be used on the people using the network?

Any other information you think might be appropriate.

Thank you a whle lot for reading and or responding.
 
"Can a Intranet be secure?"

Sure she can be secure, but not 100%, otherwise, I bet it would not be functional.

"What steps should be taken?"

Password encryption, complex passwords, frequently changed passwords, complex usernames, firewall, constantly monitored, full backups, appropriate access to the appropriate person, to name a few.

"What type of firewall should be used?"

Depends on the situation/application and budget.

"What type of monitoring software should be used on the people using the network?"

Situation and budget dependent also. Or at least one that meets the requirements.


Hope this helps a bit.

Try insecure.org, sans.org, cert.org, etc. Or search Google for "Network Security".

Good luck!


 
Used to be with NT4 (maybe even Win2K) Server, that to make it "C2" secure, you had to remove all the NICS and modem. Novell and the DEC O/Ss were C2 right out of the box.

That's the big trick to security. You have to make it secure without driving the users to the point where they start scribbling their password on sticky-notes pasted to the monitor. This is where BioMetrics are gonna make their big step forward. Scan the face, fingertip, eyeball, or palm...you can then lockdown the Net without driving the users over the edge.

FWIW

Scott
 


<< you can have a fully 100% secure intranet, just pull the plug to the internet 🙂 >>


Not true, since the majority of the threats come from the inside. You can do a lot to secure your intranet, but allowing internal users access to it means there are potential security vulnerabilities.

RagManX
 
complex passwords, frequently changed passwords

This part is tricky. Complex passwords that change more than every 3 months are frequently written down. I believe I read somewhere (Sorry, cant remembe the source offhand) that 3 months is the shortest amount of time the passwords should be kept. I personally think it is a good amount of time.

IDS systems are important in my opinion, but are many times mroe trouble than they are worth. Without setting it up properly you will have more work to do because of the IDS system. Snort is a great FREE IDS system. Testing it out can help you learn a lot.

Firewalls are a big business right now. I personally like the free ones, but depending on the situation proprietary firewalls may be necessary. Stateful inspection is important, and proxying can help.

Frequent patching and paying attention to what is happening in the security industry are 2 important steps that many people ignore. Using third party security help (like port sentry or lids for linux/UNIX). Also checking out the SANS top 10 vulnerabilities and making sure you are protected against those is also a good thing.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top