RE: [fw-wiz] Looking for papers on protecting servers

From: Don Parker (dparker_at_rigelksecurity.com)
Date: 04/16/04

  • Next message: Chuck Vose: "RE: [fw-wiz] Using RDP Port 3389"
    To: "Laura Taylor" <ltaylor@relevanttechnologies.com>, "'LazlÚ Carreidas )'" <LazloCarreidas@netscape.net>, <firewall-wizards@honor.icsalabs.com>, <focus-IDS@securityfocus.com>, <security-management@securityfocus.com>
    Date: Fri, 16 Apr 2004 11:57:32 -0400 (EDT)
    
    

    Good points Laura, and I fully agree with them. One area that is often overlooked when
    deploying new servers or services is the architecture itself. Quite often a change in
    the network architecture itself can go a long ways in helping secure not only service
    itself, but also the internal network in case of a breach. This is not a popular option
    though I have found as many see it as too labour intensive or complicated.

    Kind regards,

    Don

    -------------------------------------------
    Don Parker, GCIA
    Intrusion Detection Specialist
    Rigel Kent Security & Advisory Services Inc
    www.rigelksecurity.com
    ph :613.249.8340
    fax:613.249.8319
    --------------------------------------------

    On Apr 13, "Laura Taylor" <ltaylor@relevanttechnologies.com> wrote:

    I think it would help if you were a little more specific. Depending on the
    application and the operating system, there is a good chance you may use a
    difference approach. If the server that is running a Microsoft operating
    system you can use automated security templates .inf files to lock it down
    so tight that leading scanners will not be able to discover that it is a
    Windows box however it is very different if you are talking about a UNIX
    server. If you are trying to secure an application, intrusion prevention
    works well. If you are trying to secure a DNS server, you use a different
    approach than say if you are trying to secure a SQL server. The best bet is
    to use a layered approach where you apply security the application, the
    operating system, and the infrastructure.

    --
    Laura Taylor
    Relevant Technologies, Inc.
    www.relevanttechnologies.com
    -----Original Message-----
    From: firewall-wizards-admin@honor.icsalabs.com
    [mailto:firewall-wizards-admin@honor.icsalabs.com]On Behalf Of LazlÚ
    Carreidas )
    Sent: Wednesday, April 07, 2004 6:58 AM
    To: firewall-wizards@honor.icsalabs.com; focus-IDS@securityfocus.com;
    security-management@securityfocus.com
    Subject: [fw-wiz] Looking for papers on protecting servers
    My fellow experts,
    I have been requested to write a document that would describe the different
    means to "protect" a specific server in a datacentre (except for the
    continuous patching process, of course...)
    There are several possibilities (individual or combined):
      - firewall as a "datacentre door"
      - firewall (kind of "personal") over the server
      - good HIDS and NIDS
      - some kind of "security agent" that would raise an alert when needed
      - etc...
    I am looking for opinions, papers, etc... that could help me writing this
    document.
    Thank you for your help
      LazlÚ
    [Sorry for the multiple post]
    __________________________________________________________________
    Introducing the New Netscape Internet Service.
    Only $9.95 a month -- Sign up today at <a 
    href='http://isp.netscape.com/register'>http://isp.netscape.com/register>
    Netscape. Just the Net You Need.
    New! Netscape Toolbar for Internet Explorer
    Search from anywhere on the Web and block those annoying pop-ups.
    Download now at <a 
    href='http://channels.netscape.com/ns/search/install.jsp'>http://channels.netscape.com/ns
    /search/install.jsp</a>
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    <a href='http://honor.icsalabs.com/mailman/listinfo/firewall-
    wizards'>http://honor.icsalabs.com/mailman/listinfo/firewall-wizards>
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    <a href='http://honor.icsalabs.com/mailman/listinfo/firewall-
    wizards'>http://honor.icsalabs.com/mailman/listinfo/firewall-wizards>
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Chuck Vose: "RE: [fw-wiz] Using RDP Port 3389"

    Relevant Pages

    • "An Asp.Net accident waiting to happen" - Draft article
      ... In a time where Security ... in shared hosting environments. ... technologies that allow the creation and deployment of secure ... IIS 6 web server and windows 2003 also provide some tools to deploy ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Re: Word 2007 Missing User Level Securitty - ARRRGGGGHHHH What were they thinking?
      ... People who actually need object-level security should ... you seem to think that the File Server serves files to Jet? ... cannot be made secure .. ... record-based network database system. ...
      (microsoft.public.access.security)
    • Re: SBS 2003 and TS-App Mode
      ... It's not secure... ... functionality over security and now you want functionality back. ... open and easy to use...they want TS on a domain controller back. ... Do not enable application server mode on a domain controllers. ...
      (microsoft.public.windows.server.sbs)
    • Questions on secure remote access to Fedora Core 2
      ... I am somewhat new to Internet security solutions in general and Linux ... I am setting up a server with Fedora Core 2 (there are specific reasons ... What is the most secure method I can use to give these individuals access ... under ssh. ...
      (comp.os.linux.security)
    • Re: write with cURL
      ... It takes time to set up an account for you, process the billing, etc. ... Sorry, my servers are secure. ... Nothing you have told me shows me you know how to lock down a server so that it is secure - other than to use the server's file security. ...
      (alt.php)