Chapter 10. Preventing Rogue Access Inside the Network
It should be obvious by now that if a bad guy is inside your network, you have serious problems. However, all hope is not lost. After all, bad guys connect to your network all the time, although we usually call them users. A key function of network security management is to prevent bad guys inside the network from taking over everything, regardless of whether these bad guys are supposed to be there or not.
In today's security environment, the vast majority of people think "worms" when you start talking about network and information security. Frankly, worms are very much a secondary problem. A worm is simply a demonstration that you could have been hacked much worse using the same vulnerability in a targeted attack by someone who is after you. In Chapter 3, "Rule Number 1: Patch Your Systems," and Chapter 9, "Network Threat Modeling," we alluded to the fact that solving the worm problem was easypatch your stuff and stop clients from talking to each other. In Chapter 3, you learned how to do the former; in Chapter 9, you learned how to perform the necessary analysis for the latter. In this chapter, you'll learn how to actually implement the latter. You'll also learn about the various types of protection you can do at layers 2 (data link) and 3 (network) of the OSI model.