Table of Contents
Prevention and detection�Fundamentals of network security / Part II
Proactive measures
Site security policy
Protecting your network
Host-based protection
Tools
Strip down default services
Dangerous services
Restrict access to services
Use encryption
Encryption is not everything
Restrict users and services
chroot environment
Setting up chroot environment
Snapshot of the system
Design your network
Basic router filtering�Prevent spoofing
Basic router filtering�Guard against IP address trust exploits
Basic router filtering�Dont help flooders
Division of the network
Filtering traffic (1)
Filtering traffic (2)
Filtering traffic (3)
Filtering traffic (4)
Filtering traffic
Firewalls
Implement a firewall
Stay informed
Apply patches
Monitor system activity and integrity
Use encryption
Symmetric encryption
Asymmetric encryption
Digital signatures
Prevention traps
After the incident
Regain control
Analyze the intrusion
Things to check
Contact the relevant organizations
Recover from the intrusion
Disclosure of information
Global trends
Useful links
|
Author: Gorazd Božič, ARNES SI-CERT
|