RE: Oh Dear, Where to start?!

sanjay.patel_at_rexwire.com
Date: 06/25/03

Previous message: Volker Kindermann: "Re: Firewall on server itself"
In reply to: Steve Frank: "Oh Dear, Where to start?!"
Next in thread: Nicholas Diotte: "Re: Oh Dear, Where to start?!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: stevefrankrit@yahoo.com, security-basics@securityfocus.com
Date: Wed, 25 Jun 2003 12:47:21 -0400

Why not start with a risk analysis and find out what are business critical
devices, applications and servers. Assign each identified device a priority
number. This should become your roadmap. This is obviously a very high level
approach. But it's a start in the right direction.

-Sanjay

-----Original Message-----
From: Steve Frank [mailto:stevefrankrit@yahoo.com]
Sent: Wednesday, June 25, 2003 7:56 AM
To: security-basics@securityfocus.com
Subject: Oh Dear, Where to start?!

Hey everyone,

Ok... I am in a bit of a jam here and I was hoping to
get some feedback from some of you with appropriate
experience in the field of network security and policy
development.

I am an senior at RIT studying (essentially) systems
administration. My main focus and priority has been
computer security and policy development. I recently
took a internship with a small government office
helping out with computer administration tasks. Upon
arrival, I decided it would be fun to do a windows
update to see what sort of things would come up for my
PC. Low and behold, there were over 40 critical
updates, driver updates, and recommended updates.

Right off the bat this triggered the feeling that
there was absolutely no security or update plans in
place at this particular organization. I quickly
addressed the issue, and have been working to draft a
comprehensive security policy and implement technical
controls.

What I need advice on is the following: If you were
introduced to a mixed network (literally all versions
of windows since 3.1 and mac systems) that have no
updates, backups, or patches installed... connected to
a network with only a basic NAT table and no other
security... with not even anti-virus software
enabled... with no user policies or disaster plans in
place... with unprotected netbios shares everywhere...
where would you start the process of building some
sort of security solution?

I mean, I've seen passwords on monitors, shared
accounts, open public ports (even the wiring cabinet
was unlocked in plain view of passbys to the
building). I've been tasked with creating the security
policies relating to internet use, network and phone
use, passwords, physical security, backup/disaster
plans, antivirus, incident response, email
use/protection, and whatever else needs done. This
wouldnt be so bad normally I guess, but there is
virtually no budget allocated to help for this project
and I have approximately 3 months to do it. To make
matters worse, I am also responsible for systems
admin, network admin, tech support, programming, and
whatever other tasks may need to be done in the
meantime.

So basically, if you had to start from nothing, where
would you start first? What would you consider to be
the most important things to be implemented? I am
literally working from ground zero here... heh!

Thank so much in advance ;-)

Steve Frank

----------------
President SPARSA
Security Practices and Research Student Association
Rochester Institute of Technology

__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com

---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.

Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.

Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------

Next message: Matt Stern: "Hi."

Previous message: Volker Kindermann: "Re: Firewall on server itself"
In reply to: Steve Frank: "Oh Dear, Where to start?!"
Next in thread: Nicholas Diotte: "Re: Oh Dear, Where to start?!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Oh Dear, Where to start?!
... >>experience in the field of network security and policy ... >>computer security and policy development. ... >>updates, driver updates, and recommended updates. ... >Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! ...
(Security-Basics)
Re: Oh Dear, Where to start?!
... >experience in the field of network security and policy ... >computer security and policy development. ... >updates, driver updates, and recommended updates. ... >use, passwords, physical security, backup/disaster ...
(Security-Basics)
Re: Oh Dear, Where to start?!
... After that I would start writing a Security policies.. ... >experience in the field of network security and policy ... >updates, driver updates, and recommended updates. ... >Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! ...
(Security-Basics)
Re: Check for Confidential Content
... NetIntelligence from Iomart is a security ... like sensitive documents or unlicensed software accross your network. ... Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! ...
(Security-Basics)
AW: Oh Dear, Where to start?!
... place, planning for disaster recovery, and whatever else your poor network ... computer security and policy development. ... updates, driver updates, and recommended updates. ... Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! ...
(Security-Basics)