[an error occurred while processing this directive] [an error occurred while processing this directive]
[an error occurred while processing this directive] [an error occurred while processing this directive]
;) Packet-Securitydot com
[an error occurred while processing this directive] [an error occurred while processing this directive]

Papers By Bagarre:

  • Intro to PGP
  • Chris Snell give a good explaination of what Pretty Good Privacy is and how it works.

  • Intro to Pseudo Code
  • A good read on the basics of pseudo code and program management.

  • I'd rather be fragging
  • Bypassing those Linksys boxes, some ACLs and tons of other fun stuff.

  • The Art of Wardialing
  • A lost art? Not worth exploring? I think not.

  • deny, Deny, DENY
  • If you didn't say it could come in, it shouldn't. This will be a discussion on router ACLs and the construction of a DMZ.

  • OPP Other People's Passwords
  • How do you get your users to use good passwords? How important is it?

  • The Enemy Within
  • Do you trust your users? Should you? The internal threat is real and needs to be addressed with written policy, permissions and well planned grouping.

  • Who's Watching Who?
  • The intruder is no doubt looking at your traffic. You should too. How will you know what's not normal if you've never seen your normal traffic on the wire?

      [an error occurred while processing this directive]
    [an error occurred while processing this directive]
    [an error occurred while processing this directive]
    The Enemy Within
    By: Bagarre
    [an error occurred while processing this directive]
    Loading Document
    If the page does not load, click here.
    [an error occurred while processing this directive] [an error occurred while processing this directive]

    Of all the people trying to break into your networks possibly the most dangerous, stealthy and persistent will be your own users. They know your structure, architecture and security posture. They probably don't fear repercussions because they don't think they are doing anything wrong and last but definitely not least, they have internal access and are trusted.

    We've all heard the phrase "Users are losers". How many of you thought they were talking about drugs in those commercials ;) but joking aside, these are the guys and gals that will cause you the most work!

    • "Yes, hello? Computer guys? I just clicked on an email attachment and now, everything is running slow."
    • "I don't know what happened, I stuck the floppy into the computer and now, everything is weird. Huh? My son gave me the floppy."
    • "I didn't delete those files."
    • "They are not hacker tools and I was just curious about our networks."
    Hmmm...
    • What email filters are you running?
    • Do you have a policy in place that addresses unauthorized software on company computers?
    • What kind of file audits do you have set up on your file servers?
    [an error occurred while processing this directive] [an error occurred while processing this directive]

    The best way to protect your users from themselves is with written policies. These policies should outline what the users can and cannot do. There is no problem with a user agreement being several pages long, so long as it's worded in a way that the user can understand and someone takes the time to explain the agreement to them. Try to break the agreement down into short paragraphs that address specific items and put check boxes next to each paragraph for the users initials. Remember, an agreement is useless if the user doesn't understand what it sais or doesn't take the time to read it. It might be a good idea to hold a meeting with them to explain it better. This is not a credit card agreement. \There should be NO fine print or loop holes. We are not trying to put someone on the hook. We are trying to explain to the users what their responsibilities are. They need to feel like they are in the loop on this one. That they have a responsibility to the well being of the network. They should care about security.

    [an error occurred while processing this directive] [an error occurred while processing this directive]

    Some of the topics that should be covered in an agreement:

    • Concealing passwords (no post-it notes, sharing passwords or storing them digitally.)
    • Web browsing. Not specific websites that are off limits but what activities are unauthorized. This can be as general as "any activity not directly contributing to the well being and productivity of the company" or actually spelling it out. Either way, what we are trying to deter is the person that spends his whole day reading slashdot articles or surfing ebay and not doing what he's being paid to do.
    • Downloading software. Absolutely no unauthorized software will be downloaded, installed or run by a user without written permission by the IT staff. This also means you have to define what software is authorized.
    • Attempting to access shares or services on the network that they do not have explicit permissions to.

    This is by no means an all-inclusive list. This is just a quick starting point to get the ball rolling. Don't word these agreements in a way that puts your users on the defensive. These papers are supposed to keep them out of trouble by letting them know what they shouldn't be doing. These are not 'or els' documents. Those may come later after in the form of a performance evaluation after they violate these agreements.


      -Bagarre
    [an error occurred while processing this directive] [an error occurred while processing this directive]

    Loading Document
    If the page does not load, click here.

    Google Packet-Security.com
    [an error occurred while processing this directive]
    [an error occurred while processing this directive]