Perk32725 Aug 25, 2005   11:06 AM GMT

Basically, you need to have firewalls on your network, and you need to set up firewalls on the individual machines. Firewalls stop unauthorized connections to the machines on your network. You also need to have antivirus software, along with anti-spyware software, to keep your machines clean. A good backup system is also needed in case of data loss. Finally, your company and employees need to follow a set of "best practices" rules. A good consultant can get you pointed in the right direction for all these things, along with recommendations for products and services.

0 pointsBadges:

PaulieEddie Aug 25, 2005   12:05 AM GMT

There are a variety of tools to check for all sorts of vulnerabities. HFNETCHK (http://www.hfnetchk.com/default.html) This one checks primarily windows systems for vulnerabilities, security patch levels, etc. Works pretty well. GFI Network Security Scanner (http://www.gfi.com/) Is another tool for checking systems. It does a bit more in that it will check on Linux systems and network nodes. There are a host of other port scanners and such that will review systems or entire subnets for vulnerabilities. You can also find product specific tools, like Microsoft's IIS Lockdown tool that will secure web services. It really depends on what you are looking for. If you are really looking at getting security going at you site you will need to become more familiar with it or hire a consultant to do a formal audit (especially if you are looking at any type of gonvernment compliance or standards compliance for business). Security often involves physical security, employee procedures, and employee education. Here are a couple of decent books on the subject: http://www.amazon.com/exec/obidos/tg/detail/-/059600611X/qid=1124985804/sr=8-6/ref=pd_bbs_6/102-3654224-0637718?v=glance&s=books&n=507846 http://www.amazon.com/exec/obidos/tg/detail/-/0072229578/qid=1124985804/sr=8-4/ref=pd_bbs_4/102-3654224-0637718?v=glance&s=books&n=507846 Paul

0 pointsBadges:

Sonyfreek Aug 25, 2005   6:04 PM GMT

I'd run the open source program Nessus (www.nessus.org) to look for any vulnerable programs/services on the network. Nessus runs on a linux platform but has a Windows Front end, for those that swing that way. Make sure you download all plugins before running it and keep them updaed. Make certain that you get authorization to run a vulnerability scan/network penetration test prior to doing any work, otherwise you are risking your employment. Get the CEO or upper level management to essentially waive your liability for conducting the test in case you crash something or cause a loss of revenue or worse. It's best to work with a team for different perspectives, but you can do it yourself. They might already know an avenue to exploit/test that you didn't think of before (a forgotten dial-up modem pool or Joe over there with his personnal WAP connected to your network!). You can run it in a safe mode that doesn't try to crash services or allow those to run. It's best to run it in safe mode first, investigate and fix anything that you find and then schedule a comprehensive test that may crash services on the network. Test outside first to ensure that your boundries are safe, then take it to your DMZ and inside networks later on. No matter what, make sure you test inside as well as outside because you are more vulnerable inside than you should be from the Internet. For a more extensive test, schedule a penetration test by either outside vendors or see if you get volunteers inside if you don't have the budget for an independant review. Also make sure the independent review is by a reputable company whom isn't going to leave some important information out of the report and later exploit to get inside. Nessus is pretty good and the price is great. There are others, but it's like paying for something that someone else is giving out for free. Nessus beats some of the commercial products, so there really is no need to look further unless you have deep pockets or want a support contact. I think that Nessus will let you pay them for a support contract too, if that's your cup o'tea. Hope this helps, SF

0 pointsBadges:

Poppaman2 Aug 26, 2005   8:09 AM GMT

At the risk of duplicating some (very good) answers already given: 1. Run a firewall; you pays your money and you takes your choice, so to speak. There are many good software and hardware (appliance type) firewalls out there to choose from, some better than others, some more (or less) expensive than others. I am partial to Symantec products (Yes, I realize that there are as many people who swear AT Symantec than swear BY them, so please keep the derisive laughter to a minimum.....), and the firewall products (the enterprise class ones at least) are based upon the old Axxent Raptor product - one of the better choices out there. Also, you need to decide whether to run the firewall as a Bastion Host (a single firewall - keep the good guys protected and the bad guys out), as a DMZ (basically a single computer/appliance with three networck cards - LAN on one, the "DMZ" - your publicly accessible servers (webserver, commerce server, whatever) on another, and the third connected to your web internet access, or run two firewalls with the DMZ in between. 2. Run desktop firewalls on each client machine connected to your network. I am partial to Sygate (recently purchased by Symantec, but my experience with Sygate goes back a few years...), but there are many good low cost/no cost options available (Sygate, Black Ice, Tiny, Norton, McAfee for the Windows platform to name just a few; there are others for Macintosh and Linux). 3. Run an antivirus program on EVERY computer you've got; server, workstation, standalone, whatever... This is one area where although I use the Symantec product, I readily admit that there are better solutions out there. Look at Panda, Sophos, Kapersky, Symantec and McAfee, as well as GriSoft. There are others as well. 4. Run Snort as an IDS/IPS solution. It comes either as a free program, or as supported software: the free version is about 5 days behind the supported version (www.sourcefire.org) in signature updates. 5. Run Nessus as a system/network integrity checker: many commercial products are based upon the Nessus engine (Snort as well!), so again there ar both freebie and supported versions. 6. Invest some time/energy/money in END USER TRAINING. If your users know what to do (or NOT do) you'll be well on your way to a more secure enterprise. The list above is by no means comprehensive, but it should give you a good starting point...

0 pointsBadges:

Neilhaslam90 Aug 26, 2005   9:01 AM GMT

My name is Neil my e mail id is neil_haslam@dell.com , Anyone having a virus or anything to do with a virus should try www.soloantivirus.com try the trial version and you will see for your self, I have been in the IT industry for very long try this ANTI VIRUS, and don?t forget to thank me or drop me a line letting me know the affect Thanks Neil Terrance Haslam

0 pointsBadges:

HatcherBob Aug 27, 2005   9:23 AM GMT

I fully agree with "ve3ofa". The security business is BIG business anymore. You need to work in steps on this. Either present more specifics to this question or hire a security expert to analyze your site. How big is your site?

0 pointsBadges: