Outsiders


Your goal is to keep outside hackers out, but what exactly is "out"? You must decide what is in and what is out. You do this by defining a security perimeter within which information can flow and still be considered secure. The security perimeter is usually closely related to the scope of control of the security personnel. This definition must include computer hardware (computers, networks, terminals, printers, removable media), physical locations (buildings, wiring closets, cable runs), and software (what software can be used with what data). Removable media and public communication lines are examples of things that limit and define the security perimeter. When any of these limits is reached, you have encountered the security perimeter.

It is at all these points of access to the security perimeter that perimeter defenses must be put into place. These defenses should keep information from going out unprotected and people and processes from coming in unless authenticated and authorized.

Even though attacks from outside an organization make up a small percentage of successful attacks, they can be the most devastating to a company. Outside attacks that go beyond simple exploratory probes usually have a very specific target. Even unsuccessful attacks can have devastating effects if the public relations are not handled well.

Network access should be limited by isolating networks through the use of bridges, routers, and firewalls. Firewalls should allow only a limited set of secured services to pass through them. Filtered bridges and routers should be used to keep network traffic from traveling farther than necessary. It is not uncommon for a hacker to enter your facility, locate an unoccupied cubicle, and plug into an unused network jack to monitor your network traffic. With the correct level of filtering, this attack would yield no information. Without filtering, all the company's information will flow past, so the hacker can take whatever he wants.

All systems should restrict access as much as possible. A system can limit access to services by host with the use of the security features of the internet daemon. This feature identifies the hosts from which a service will accept connections. All network services that are started by the internet daemon can be protected in this manner. The internet configuration file lists the services that the daemon starts. You should use the internet daemon to start all network services.
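The host restriction described above can be audited by comparing the services the internet daemon starts against the per-service host list. This is an added example, not code from the book; it assumes an inetd.conf-style configuration file and a host list modelled on the HP-UX inetd.sec layout (`service allow|deny hosts...`), and both file contents are constructed samples.

```python
# Constructed sample of the internet daemon's configuration file (inetd.conf
# layout: service, socket type, protocol, wait flag, user, server, args).
INETD_CONF = """\
ftp     stream tcp nowait root /usr/lbin/ftpd    ftpd -l
telnet  stream tcp nowait root /usr/lbin/telnetd telnetd
#shell  stream tcp nowait root /usr/lbin/remshd  remshd
login   stream tcp nowait root /usr/lbin/rlogind rlogind
"""

# Constructed sample host list. ASSUMPTION: layout "service allow|deny hosts",
# where allow = only listed hosts, deny = all but listed, no entry = any host.
INETD_SEC = """\
ftp     allow 10.1.2.* admin1.example.com
telnet  deny  192.168.7.*
"""

def _fields(text):
    """Yield the whitespace-split fields of each line, comments stripped."""
    for line in text.splitlines():
        yield line.split("#", 1)[0].split()

def enabled_services(conf_text):
    """Service names on active lines (fields up to the server path present)."""
    return [f[0] for f in _fields(conf_text) if len(f) >= 6]

def host_policies(sec_text):
    """Map service -> (action, hosts); a later entry replaces an earlier one."""
    return {f[0]: (f[1], f[2:]) for f in _fields(sec_text)
            if len(f) >= 2 and f[1] in ("allow", "deny")}

def audit(conf_text, sec_text):
    """Return {service: finding} for every service the daemon starts."""
    policies = host_policies(sec_text)
    report = {}
    for svc in enabled_services(conf_text):
        action, hosts = policies.get(svc, (None, []))
        if action == "allow" and hosts:
            report[svc] = "restricted to " + ", ".join(hosts)
        elif action == "deny":
            # A deny list only blocks named hosts; everyone else still connects.
            report[svc] = "OPEN except " + ", ".join(hosts)
        else:
            report[svc] = "OPEN to any host"
    return report

if __name__ == "__main__":
    for svc, finding in audit(INETD_CONF, INETD_SEC).items():
        print(f"{svc:8} {finding}")
```

Services reported as OPEN are the ones to either give an allow list or remove from the configuration file.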

You should remove the ability to reconfigure network devices in-band, that is, over the network. All administrative tasks on all devices, including computers, should require physical access to the device. Physical access is much easier to control than network access, and thereby easier to secure. Most UNIX systems have a secure terminal facility that allows you to limit access by the superuser to specific terminals, usually only the system console.



Halting the Hacker: A Practical Guide to Computer Security (2nd Edition)
ISBN: 0130464163
EAN: 2147483647
Year: 2002
Pages: 210
