You need help, advice and solutions, now!
You want to know more, because prevention is better than cure. But:
Why bother? Does it matter?
How do they do it? - 13 ways to penetrate your NETWORK...
What is the scope of the problem?
Questions you should ask your NETWORK SECURITY MANAGER
What is the solution?
Why bother? Does it matter?
Security is becoming headline news around the world so check out our
18 FRIGHTENING IT SECURITY FACTS.
The United Kingdom is no exception, as testified by the "Love Bug" virus (05/2000).
Shortly before the DTI published the 1st Computer Security survey in the UK:
86% of companies in the UK have no security measures - _shocking_!!!
13 ways to penetrate your NETWORK...
- Default Accounts: When an operating system is installed, default accounts are created on the system. This makes things easier for a hacker: they already know the user name and only have to guess the password.
- Accounts without a password: No comment!
- Password Cracking: Huge dictionaries of known passwords are used to find out which one is your password.
- Default passwords for system accounts, found in most operating systems, applications, ...: These are well known and make things easier for a hacker.
- Mass dialing is the dialing of your entire phone number range to identify modem ports. This technique allows a hacker to find a backdoor into your network.
- Trust Relationships are often used to simplify communications between systems. If one system is compromised, all the systems are.
- Employees dialling out/using the Internet: Whilst connected to the internal network, they also connect to the Internet (dialling out to an ISP) and create a backdoor into your secure network.
- Routers: Is the default password still in use? Do they help hackers or you?
- NetBIOS Scans: NetBIOS runs on most Windows systems (Windows 9x, NT, 2000). Using a NetBIOS scanner, a hacker can identify the type of account (normal user, administrator, server) and check for blank passwords or accounts with a password equal to the account name.
- Packet Capturing/Network Sniffing: Hackers use widely available, free tools to collect the actual data passing through a certain portion of a network.
- Keystroke Logging: There are a few freeware packages available that log your keystrokes, enabling hackers to see what you type, such as user names, passwords, ...
- Vulnerable Services: Some services, like telnet and ftp, do not encrypt passwords.
- Email Capturing: The text in your email is not normally encrypted and can be viewed by anybody.
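A defender-side check for several weaknesses in the list above (enabled default accounts, accounts without a password, passwords equal to the account name or to a well-known default), added here as an example and not part of the original page. The export format `name:enabled:salt:hash`, the PBKDF2 hashing, and the lists of default names and passwords are assumptions made for the example.

```python
import hashlib

# Assumptions for this example: account names and passwords worth testing.
DEFAULT_ACCOUNTS = {"administrator", "admin", "guest", "root"}
DEFAULT_PASSWORDS = ["password", "admin", "changeme"]
ITERATIONS = 1000  # low so the sample runs fast; a real store uses far more

def hash_pw(password, salt_hex):
    raw = hashlib.pbkdf2_hmac("sha256", password.encode(),
                              bytes.fromhex(salt_hex), ITERATIONS)
    return raw.hex()

def make_line(name, enabled, password):
    """Build one constructed export line: name:enabled:salt:hash."""
    salt = hashlib.sha256(name.encode()).hexdigest()[:16]  # fixed, sample only
    digest = hash_pw(password, salt) if password else ""
    return f"{name}:{int(enabled)}:{salt}:{digest}"

# Constructed sample export (hypothetical format, not from any real system).
SAMPLE = "\n".join([
    make_line("Administrator", True, "a long unique passphrase 7391"),
    make_line("guest", True, ""),
    make_line("jsmith", True, "jsmith"),
    make_line("backup", True, "changeme"),
    make_line("mjones", True, "another long unique phrase 5520"),
    make_line("olduser", False, ""),
])

def audit(export_text):
    """Return (account, finding) pairs for every enabled account."""
    findings = []
    for line in export_text.splitlines():
        name, enabled, salt, digest = line.split(":")
        if enabled != "1":
            continue  # disabled accounts cannot be logged into
        if name.lower() in DEFAULT_ACCOUNTS:
            findings.append((name, "default account enabled"))
        if not digest:
            findings.append((name, "no password set"))
        elif digest in (hash_pw(name, salt), hash_pw(name.lower(), salt)):
            findings.append((name, "password equals account name"))
        elif any(digest == hash_pw(p, salt) for p in DEFAULT_PASSWORDS):
            findings.append((name, "well-known default password"))
    return findings

if __name__ == "__main__":
    for name, finding in audit(SAMPLE):
        print(f"{name}: {finding}")
```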
What is the scope of the problem?
Hackers using your site to hide their tracks - whilst they attack another company;
Hackers roaming around your company to collect information;
Viruses;
Theft;
Your staff surfing the Internet instead of working; ...
The following diagrams are from the DTI report on Computer Security published in 2000:
[Diagram: Breaches In Security]
[Diagram: Unauthorized Activity, Seriousness Of Breach]
Questions you should ask your SECURITY MANAGER
Click here to get your check list.
What is the solution?
The solution starts with a good network design backed by a company wide security policy.
However, there is no final/comprehensive solution.
New problems are being discovered daily.
This is a challenge that needs to be addressed on a regular basis.
Hence it can be more cost effective to use a specialist company like business force ®.
NETWORK DESIGN & SECURITY POLICY
- Educating users about security issues & enforcement through rules.
- Design & implementation of de-militarized zone, network filtering and alert/detection system
- Regular Audit of your IT Infrastructure
PROTECTION & DETECTION SYSTEMS
- Cisco Secure PIX FireWall appliances
- Software FireWall solution
- Cisco Secure Intrusion detection System
APPLICATION & TOOLS
- Encrypted/Signed email facility
- Encrypted disk volume(s)
- Anti Virus detection
- Email 'Spam' detection/filtering
- Enforcing acceptable usage policy
Network Design & Security Policy
Our Trainer and Senior Network Consultants can:
Education & Training
- Educate your staff through regular training;
- Help you formulate Security Policies and Acceptable Usage Policies suitable for your company.
Design
- Design a secure and reliable network based on "best practices"; or
- Validate your proposed/existing design and advise you accordingly.
Audit
- Review your existing network infrastructure and produce an Audit document that will enable you to see the weak areas and what needs to be done.
Consultancy is charged on a per day basis and starts from £700 + VAT.
Protection and Detection System Solutions
Any company with a permanent (and to a lesser extent with a dial up) connection to the Internet is at tremendous risk from ‘hackers’.
This has been made worse over the last few years by the proliferation of free and widely available tools which enable people with little knowledge to detect weak security point(s) in a company's infrastructure.
This has created a new market in the industry, and every month new products are released promising plug & forget capability with complete peace of mind (?).
However, like all new products, they are likely to have software defects.
Hence, we only recommend the use of tools that have been around for years and which have a proven track record at defeating attacks.
For businesses, we have 2 recommended firewall solutions which have the following benefits:
1. The Cisco Secure PIX Firewall hardware appliances provide:
- Firewall service based on purpose-built security appliances that deliver unprecedented levels of security, performance and reliability.
- Load balancing - application(s) may need some design changes.
- Filtering policy.
- Built-in Intrusion Detection System, with the Cisco Secure Intrusion Detection System available as an option.
Price starts around £211 + installation.
Installation/Training is available at £350 + VAT per 1/2 day
| Some of the Cisco firewalls available in our online store | Price |
| Cisco PIX 501 3DES with 4 Ports switch | £199 |
| Cisco PIX 506E 3DES/AES Bundle Software with 2 Fast Ethernet Ports | £479 |
| Cisco SMARTnet Maintenance 8x5xNBD, TAC Application Support 24x7, Software Upgrade, 1 year contract | £67 |
2. Software-based firewall solutions for individuals using the MS-Windows platform, which have the following benefits:
- Firewall service.
- Some filtering policy - some software may require manual configuration.
- Graphical management tools.
The following products have successfully completed ICSA Labs PC Firewalls tests and have been granted ICSA LABS PC FIREWALL CERTIFICATION and can be purchased from us:
| Some of the software firewalls available in our online store | Price |
| Network Associates - Desktop Firewall 5 user pack | £73 |
| NORTON PERSONAL FireWall 2005 V8.0 | £22 |
Application & Tools
1. Encrypted/Signed email facility Solutions
The worldwide standard for email authentication and encryption is PGP, which is used by millions of users worldwide.
Email authentication can be used whether or not the receiving party has PGP software installed on their computer.
However, PGP's email encryption is only available if both the sender and the receiver of the email have PGP software installed on their computers. When security of information is paramount and the recipient has no specialised software, an alternative solution is required; see the ZixIT section.
You will need to buy a license to install and use PGPmail and PGPfile Encryption; contact us for prices.
Message Privacy for Email, File Attachments and ICQ Instant Messaging
PGPfile encrypts, decrypts, signs and verifies files for either email or secure storage on your computer.
PGPicq secures instant messaging communication.
PGPicq encrypts, decrypts, signs and verifies instant messages exchanged with over 41 million users worldwide.
PGPwipe and Free Space Wiper functions delete files by erasing their content completely from your computer.
2. Secure Hard Disk Encryption
The best product available today is SecurStar's DriveCrypt - Secure Hard Disk Encryption; contact us for prices.
3. Anti Virus Detection
| Some of the software available in our online store | Price |
| Computer-Assoc. - ETRUST ANTIVIRUS V7.1 1-USER | £26 |
| Network-Assoc. - MCAFEE VIRUSSCAN 2005 9.0 98/ME/2000/XP | £26 |
| SYMANTEC - NORTON ANTIVIRUS 2005 V11.0 | £33 |
4. Email 'Spam' detection/filtering
We sell MIMEsweeper; contact us for prices.
5. Enforcing acceptable usage policy
We provide a remote network monitoring service that provides you with a monthly report showing who is spending time on the Internet and which sites are being visited; contact us for prices.