Network Security in the workplace

Discussion in 'other software & services' started by nixie21, Nov 28, 2007.

Thread Status:
Not open for further replies.
  1. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    The Network admin wants to meet with me to see my thoughts on security (knowing I spend a lot of time reading Hijack logs and helping people). Since I would love to get into network security I would love to bring some good ideas to the table. Right now they only have symantec corporate AV and a firewall (barracuda?). They have a ton of workstations and servers (web server, exchange...) What other things would you recommend the company add for protection? I do not think they will change from symantec, but there is a chance.

    Thanks!
     
    nixie21, Nov 28, 2007
    #1
  2. dNor

    dNor Registered Member

    Joined:
    Oct 3, 2007
    Posts:
    212
    Location:
    Irvine, CA, USA
    Individual advice is a bit hard, especially with the information given, considering there's countless variables to consider for your network. What's important for one network isn't necessary in another.

    Strong policies and effective auditing along with a well configured firewall/VPN and switch management is a common answer, as well as keeping current with updates and patches.

    Running an analyzer such as MBSA, Security Manager Plus, and QualysGuard can point out and help resolve security issues and risks that weren't known.
     
    dNor, Nov 28, 2007
    #2
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,224
    Hello,
    Strictly related to network, or general advice for corporate lans?
    Mrk
     
    Mrkvonic, Nov 28, 2007
    #3
  4. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    A guess a bit of both? I agree it is hard, but I am not a network person (I am a programmer) with a security hobby. I am pretty good on the pc level, but not network....
     
    nixie21, Nov 28, 2007
    #4
  5. appster

    appster Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    561
    Location:
    Paradise
    Reading this may provide a beginning in grasping the issues. ;)
     
    appster, Nov 29, 2007
    #5
  6. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Nixie

    Probably one of the best recommendations, would be every person who has access to any servers, should use a different password for every server he accesses. Watched a Microsoft presentation a while back, where one of the MS guys responsible for an attack was able to crack into the admin servers only because one guy used the same password on the admin servers he used on some of the general ones. He didn't need the passwords, he did it by retrieving password hashes and finding a match.

    It can be a pain for the guy that has 30 servers, and most folks being lazy will use the same password.

    Pete
     
    Peter2150, Nov 29, 2007
    #6
  7. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    Thanks for the replies!
     
    nixie21, Nov 29, 2007
    #7
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...