'Good Enough' Security: Network Security on a Shoestring Budget
In an environment where most of us are continually squeezed for time, resources, and funds, how can we possibly hope to fix and prevent all of our network's security problems? Beth Cohen presents principles of 'good enough' computer security that might not prevent a massive targeted attack, but that will prevent 90% of your problems while keeping your finance department happy and your job secure.
A two-billion-dollar corporation headquartered in Massachusetts was recently hit by the SQL Server Slammer worm. It took down a key corporate database server for several days. Even though information about the vulnerability and the patch itself had been available since January 2003, the company had not upgraded its system and was, as a result, compromised. How did that happen? What can a computer manager do to prevent something like this in the future?
A major ISP has been having problems with its customers' anti-spam filters because they are set too high and too much legitimate mail is being bounced. A couple of months ago the company had a major reduction in force, and they eliminated the department responsible for maintaining the filter software, which means it might be a very long time before the filters will be fixed. What can a computer manager do when this happens?
Your company CEO has been reading the trade press again. How can you tell? He has just told you that you need to beef up all of the company's computer security. Oh, and by the way, your budget is being squeezed once more, which means that you'll have to do it without any additional money, again. Sigh. Is there anything you can do to address the security concerns while not blowing the precious IT budget?
As you can probably tell by now, the topic for this column is computer security on a shoestring budget. What all these stories have in common is that there's NEVER enough time, money, or resources to fix all your computer security problems, but that doesn't mean you should just give up and open your company to the world. Fortunately, there are things you can do that will prevent 90% of your security problems without costing you loads of money or resources. Let's first discuss the major threats to watch for and then move on to covering several things you MUST do to minimize your risk of attack.
May 28, 2003
Exposing any system, no matter how briefly, to an untrusted network is suicidal. A firewall is absolutely vital, and fortunately, the Linux world offers us an excellent free firewall utility in netfilter/iptables.