Purpose of This Book

   

Throughout this book there are real world examples of attacks used against networks, and suggestions for ways to protect networks against these attacks. However, it is important to keep in mind that a book is static; information within these pages is designed as a guideline, to help administrators develop a network security strategy.

Because each network is unique, it is impossible to deliver an all-encompassing strategy in a single book. Using the fundamentals provided in this book can help administrators find holes in current security strategies, or even start a discussion about security within the company.

I know that many people who pick up this book and thumb through it are going to think, at first glance, that much of what is listed here is a waste of time. Many network administrators are too busy plugging holes in the network to take the time to develop a security strategy, and the idea of trying to work with senior management to explain something as complicated as a DoS attack seems impossible. As difficult as these two task might seem, they are both important because, in the long run, they make the job of securing the network easier.

Putting a security process in place helps to refine the roles that different groups will play in the security process; it also serves to divide up the work that needs to be done when securing a network. A security process can also help create security baselines that make the job of administering a network much easier.

The purpose of this book is to make the job of securing the network easier. By offering suggestions, based on real world experience, of how to streamline the security process and some common mistakes to watch for, this book can be used to help create a unique security strategy for your organization.

This book should not be used alone. If your organization is serious about having a current and complete security strategy you should use as many tools as possible. In addition to this book, I would recommend the following books:

  • Network Security: Private Communication in a Public World , by Charlie Kaufman, Radia Perlman, and Mike Speciner

  • Applied Cryptography: Protocols, Algorithms, and Source Code in C , by Bruce Schneier

Of course, books should not be your only source of security information, the world of security changes too fast to rely solely on books for information. It is important to work with your server and network vendors to keep up to date on the latest vulnerabilities, and the recommended fixes. Vendors also have a lot of insight and advice about current best security practices for their products.

Finally, using the Internet as a tool to keep up to date with the latest security information can be important. As with any information on the Internet it is usually a good idea to get a second opinion. There is a lot of really good security information, but there is also a lot of bad information and some that is just wrong. Usually surveying the top security web sites, as well as vendor web sites can provide you with enough good information. Some of the security sites I recommend and personally use are (in no particular order):

  • Security Focus (http://www.securityfocus.com/)

  • The SANS Institute (http://www.sans.org/)

  • Network Security Library (http://www.secinf.net/)

  • CERT Coordination Center (http://www.cert.org/)

  • Insecure.Org (http://www. insecure .org/)

  • Computer Incident Advisory Capability (http://www.ciac.org/)

The information on these web sites is usually reliable and can help you keep your network protected.

   


The Practice of Network Security. Deployment Strategies for Production Environments
The Practice of Network Security: Deployment Strategies for Production Environments
ISBN: 0130462233
EAN: 2147483647
Year: 2002
Pages: 131
Authors: Allan Liska

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net