[an error occurred while processing this directive] [an error occurred while processing this directive]
[an error occurred while processing this directive] [an error occurred while processing this directive]
;) Packet-Securitydot com
[an error occurred while processing this directive] [an error occurred while processing this directive]

Papers By Bagarre:

  • Intro to PGP
  • Chris Snell give a good explaination of what Pretty Good Privacy is and how it works.

  • Intro to Pseudo Code
  • A good read on the basics of pseudo code and program management.

  • I'd rather be fragging
  • Bypassing those Linksys boxes, some ACLs and tons of other fun stuff.

  • The Art of Wardialing
  • A lost art? Not worth exploring? I think not.

  • deny, Deny, DENY
  • If you didn't say it could come in, it shouldn't. This will be a discussion on router ACLs and the construction of a DMZ.

  • OPP Other People's Passwords
  • How do you get your users to use good passwords? How important is it?

  • The Enemy Within
  • Do you trust your users? Should you? The internal threat is real and needs to be addressed with written policy, permissions and well planned grouping.

  • Who's Watching Who?
  • The intruder is no doubt looking at your traffic. You should too. How will you know what's not normal if you've never seen your normal traffic on the wire?

      [an error occurred while processing this directive]
    [an error occurred while processing this directive]
    [an error occurred while processing this directive]
    deny Deny DENY
    By: Bagarre
    [an error occurred while processing this directive]
    Loading Document
    If the page does not load, click here.
    [an error occurred while processing this directive] [an error occurred while processing this directive]

    One of the biggest conflicts in the world of IT today is Security vs. Availability. What good is a network if you can't talk to everyone else and how can you be safe if anyone can access your network? There can be no clear winner. Both sides have to give. The security folks have to understand that the network exists so that the company can communicate with the world and the network guys have to understand that the company will cease to exist if that network is unsafe. A compromise must be made.

    If the network guys want to open everything up, the security guys want to close everything down. So, ask the questions. "What needs to be open on the network in order to do day to business and why?" "Who does it need to be opened to and why?" "What is absolutely bad things to open and why?" One thing to remember, it's better and easier to start with everything closed and punch holes as needed. So, start with a basic: deny all all. From the outside world (the internet) to you (the intranet), "aint no one goin no where".

    Now, we proceed to punch the holes:

    [an error occurred while processing this directive] [an error occurred while processing this directive]

    "Port 80 needs to be open to everyone in the world in order to access our website!"

    "OK, Port 80 needs to be open for everyone in the world but only to our web server. No one needs to access anywhere else in our network on that port. Furhtermore, if any one network starts causing trouble with our website, we'll deny them as needed."

    Allow everyone port 80 to web server

    "We have to be able to receive mail so, port 25 should be open too."
    Allow everyone port 25 to mail server

    "Some people work from home using telnet and ftp to the servers so, though in 23 and 21 as well."

    "No. These two protocols are plagued with vulnerabilities and are an unacceptable risk to the network. SSH allows the same functionality with much more security. We can set up a gateway box that they can hop thru as well."

    Allow everyone port 22 to gateway_box

    "Use Windows shares to move files back and forth from home to the office. NetBIOS ports need to be open."

    "No way in Hell! There are far too many risks involved with NetBIOS to allow it to travel in or out of our networks. These ports should never be opened. SSH or a VPN tunnel should be considered."
    [an error occurred while processing this directive] [an error occurred while processing this directive] One of the most common attacks against a Windows network is via NetBIOS, port 139. With this, an attacker can enumerate all of your computers, usernames, password policies, drive shares, printers, domain controllers and much more. Also, they can use this info to gain access to your network and do most anything they want!

    ....and on down the line you go until you have made a list of allowable points of access, better known as an Access Control List or ACL. The above is pseudo code for the most part and would have to be translated into your router's wording of course.

    By using your router's ACLs, you can make a basic firewall that will stop dozens of different types of attacks! How can they attack things they can't even connect to? Aside from the internal threat (discussed later on this site) you don't even have to worry about it anymore.

      -Bagarre
    [an error occurred while processing this directive] [an error occurred while processing this directive]

    Loading Document
    If the page does not load, click here.

    Google Packet-Security.com
    [an error occurred while processing this directive]
    [an error occurred while processing this directive]