Re: [fw-wiz] Security and Audit Policy
From: R. DuFresne (dufresne_at_sysinfo.com)
Date: 11/27/04
- Previous message: Frank Knobbe: "RE: [fw-wiz] Security of HTTPS"
- In reply to: Servie Platon: "[fw-wiz] Security and Audit Policy"
- Next in thread: gmx: "Re: [fw-wiz] Security and Audit Policy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Servie Platon <servie_tech@yahoo.com> Date: Sat, 27 Nov 2004 00:37:46 -0500 (EST)
I get the impression, that though you can be lauded for trying to be
proactive, that your problems might be a bit larger then you imagine.
First, what policy are you trying to impliment? Without a supported <by
mgt on the top of the corp chain> well defined and written policy, what
guides you not only in implimentation, but, in auditing compliance with
said non-defined-policy? There are alot of available defauklt policies on
the net one can scarfup and use as a outline for a sites policy, I would
suggest you grab and go over a few, then schedule meeting with uppe mgt to
define what the policy for the org you are working for should be. This
should aid one in the steps of forming a scecurity group for your company.
Without one you are poking about in the dark with sunglasses on and
waiting for a sighted person to pull you cane out from under you.
Thanks,
Ron DuFresne
On Sun, 7 Nov 2004, Servie Platon wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Security Gurus,
>
> When I took over as Sys Ad for this company, I found
> out there
> are no security and audit policies in place. I have no
> way means
> of getting in touch with the previous guy.
>
> Since I have to start from scratch and document
> everything
> regarding this network. I feel that this group would
> be in the
> best position to give some suggestions as to what I
> should do or
> the manner of solving the problem.
>
> I have already done the following steps:
>
> 1. Enabled Firewall rules on the network and with
> Win32 clients;
> 2. Installed Anti Virus Software for the network and
> enabled
> automatic updates;
> 3. Enforced User Permissions for most users; (dilemma)
> 4. Disabled M$ Outlook and IE and replaced these with
> Mozilla
> Thunderbird and Firefox.
>
> Problems:
>
> 1. I don't know how to keep track of their browsing
> patterns,
> some users have intermediate to advanced browsing
> skills which
> they can conceal where they have visited such as maybe
> porn
> sites and the like. How do I prove my suspiscion and
> stop them
> from doing this? I am afraid that by doing so, our
> network may
> be trojaned or may have been infected with spyware or
> may be a
> zombie now?
>
> 2. I wanted to enforce strict user permissions, but my
> dilemma
> would be, bosses or managers take it against me or
> anyone
> restricting on what they could or not do on their
> machine. To
> make a concrete example, I could do an audit policy
> for all
> users with less rights to install programs and the
> like but some
> of them, listen to radio, download .exe files or
> shareware
> without my knowledge.
>
> If I enforce this restrictive permissions, they get
> back on me.
> If I don't, I am afraid the network is considerably
> slows down
> and I think, some machines may be a compromised
> already unless
> the bandwidth is being used up by the users. How do I
> catch them
> accessing forbidden sites and how do I stop them from
> doing such
> and how do I make them with less capacity without them
> getting
> furious?
>
> 3. Though, I have setup and installed Mozilla
> Thunderbird and
> Firefox in each client PCs, most of them still use M$
> Outlook
> and IE. How do I justify and convince them not to use
> this
> because of security loopholes and problems? Some are
> so used to
> Outlook and IE that they don't want change.
>
> Any suggestions, on how to make it less of a burden to
> administer this network of 12 clients would be
> appreciated.
>
> Thanks very much.
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.3.92 (MingW32) - GPGshell v3.23
>
> iD8DBQFBjjNBuG3YFhFblMkRAiXDAKDT0ywwBwfM7qi1VS5HOFPOi3LhkACg6eFg
> FR5U6VihJqU4Otz7bYyQh9s=
> =poMj
> -----END PGP SIGNATURE-----
>
>
> =====
> Sincerely,
> Servie Platon
>
>
>
> __________________________________
> Do you Yahoo!?
> Check out the new Yahoo! Front Page.
> www.yahoo.com
>
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
>
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
...Love is the ultimate outlaw. It just won't adhere to rules.
The most any of us can do is sign on as it's accomplice. Instead
of vowing to honor and obey, maybe we should swear to aid and abet.
That would mean that security is out of the question. The words
"make" and "stay" become inappropriate. My love for you has no
strings attached. I love you for free...
-Tom Robins <Still Life With Woodpecker>
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Frank Knobbe: "RE: [fw-wiz] Security of HTTPS"
- In reply to: Servie Platon: "[fw-wiz] Security and Audit Policy"
- Next in thread: gmx: "Re: [fw-wiz] Security and Audit Policy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
