- Control/restrict which services are allowed to be offered on each system.
- Control/restrict who/what is allowed to access the services.
- Apply patches and updates.
- Educate the computer/network users about proper/secure usage.
The basic concept here is: if the computer does not need to offer a particular service in order to fulfill its purpose, then the service should be turned off and, if possible, removed. Every service offered by a computer is another possible avenue a malicious individual could try to use to gain unauthorized access to it. Every service offered by a computer also has to be patched and updated whenever fixes become available. By limiting the number of services running, you reduce both the exposure and the amount of patching and maintenance work.
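One practical way to carry out this step is to compare what a host is actually listening on against the short list of services its role requires. The following is an added example, not code from the original article: it parses the line format of Linux `ss -tlnp` output (the sample output embedded below is constructed, not captured from a real host) and checks it against an assumed allowlist for a host whose only purpose is serving web pages over SSH-managed access.

```python
"""Audit listening TCP sockets against a per-role allowlist of services.

Added example (not part of the original article).  Parses the column layout
of `ss -tlnp` on Linux; the sample output and the allowlist are assumed.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Constructed sample of `ss -tlnp` output (not captured from a real machine).
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port  Process
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*          users:(("sshd",pid=812,fd=3))
LISTEN  0       511     0.0.0.0:80           0.0.0.0:*          users:(("nginx",pid=1204,fd=6))
LISTEN  0       511     0.0.0.0:443          0.0.0.0:*          users:(("nginx",pid=1204,fd=7))
LISTEN  0       128     0.0.0.0:21           0.0.0.0:*          users:(("vsftpd",pid=1330,fd=4))
LISTEN  0       80      127.0.0.1:3306       0.0.0.0:*          users:(("mysqld",pid=1402,fd=20))
LISTEN  0       128     [::]:22              [::]:*             users:(("sshd",pid=812,fd=4))
"""

# Assumed policy for a host whose purpose is "serve web pages":
# port -> set of process names allowed to hold it.  Anything else is a
# service this host does not need and is a candidate for removal.
WEB_SERVER_ALLOWLIST = {
    22: {"sshd"},
    80: {"nginx"},
    443: {"nginx"},
}


@dataclass(frozen=True)
class Listener:
    address: str
    port: int
    process: str


# One LISTEN line: state, queues, local addr:port, peer addr:port, optional process.
_LINE_RE = re.compile(
    r"^LISTEN\s+\d+\s+\d+\s+(?P<addr>\S+):(?P<port>\d+)\s+\S+"
    r"(?:\s+users:\(\(\"(?P<proc>[^\"]+)\")?"
)


def parse_ss_output(text: str) -> list[Listener]:
    """Turn `ss -tlnp` lines into Listener records; the header line is skipped."""
    listeners = []
    for line in text.splitlines():
        m = _LINE_RE.match(line)
        if not m:
            continue
        listeners.append(
            Listener(m.group("addr"), int(m.group("port")), m.group("proc") or "?")
        )
    return listeners


def unexpected_listeners(listeners: list[Listener], allowlist: dict) -> list[Listener]:
    """Listeners the role policy does not account for (wrong port or wrong process)."""
    return [l for l in listeners if l.process not in allowlist.get(l.port, set())]


def exposed_to_network(listeners: list[Listener]) -> list[Listener]:
    """Listeners bound to a wildcard address rather than loopback only."""
    return [l for l in listeners if l.address in ("0.0.0.0", "[::]", "*")]


if __name__ == "__main__":
    found = parse_ss_output(SAMPLE_SS_OUTPUT)
    for l in unexpected_listeners(found, WEB_SERVER_ALLOWLIST):
        print(f"not in policy: {l.process} on {l.address}:{l.port}")
```

On the sample data the audit reports the FTP daemon and the database listener; the database is bound to loopback only, so it is less exposed, but it is still a running service that must be patched, which is exactly the cost the step above is trying to avoid.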
Step 2: Restrict Access
Depending on the size of the computer network and the number and types of services offered (web pages, FTP, databases, etc.), this can be a fairly daunting task. Complex passwords/passphrases should be used and enforced for all login accounts. Login access should be restricted to those individuals with authorization and a need to access the computer. Access can be further restricted based on the originating computer address (IP).
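The three controls named in this step (authorized users only, a source-address restriction per user, and a passphrase-complexity rule) can be expressed as one small policy check. The code below is an added example, not from the original article; the users, networks and the complexity rule are assumed values for illustration.

```python
"""Access-restriction checks: authorized users, allowed source networks,
and a passphrase-strength rule.  Added example, not code from the article;
the policy values are assumed."""
from __future__ import annotations

import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class AccessPolicy:
    """Who may log in, and from which source networks (assumed values)."""
    allowed_sources: dict          # user -> tuple of ip_network objects
    min_passphrase_length: int = 14

    def check_login(self, user: str, source_ip: str) -> tuple[bool, str]:
        """Return (allowed, reason).  Unknown users and unlisted sources are denied."""
        networks = self.allowed_sources.get(user)
        if networks is None:
            return False, "user not authorized"
        try:
            addr = ipaddress.ip_address(source_ip)
        except ValueError:
            return False, "malformed source address"
        # A v4 address is never "in" a v6 network (and vice versa), so mixed
        # lists are safe here.
        if not any(addr in net for net in networks):
            return False, "source address not permitted for this user"
        return True, "ok"


def passphrase_acceptable(passphrase: str, policy: AccessPolicy) -> bool:
    """Assumed rule: minimum length plus at least three of four character classes."""
    if len(passphrase) < policy.min_passphrase_length:
        return False
    classes = [
        any(c.islower() for c in passphrase),
        any(c.isupper() for c in passphrase),
        any(c.isdigit() for c in passphrase),
        any(not c.isalnum() for c in passphrase),
    ]
    return sum(classes) >= 3


# Constructed policy: an administrator from the management LAN only, a web
# developer from the office ranges; nobody else is authorized at all.
POLICY = AccessPolicy(
    allowed_sources={
        "alice": (ipaddress.ip_network("10.0.50.0/24"),),
        "bob": (
            ipaddress.ip_network("192.168.1.0/24"),
            ipaddress.ip_network("2001:db8:1::/48"),
        ),
    },
)

if __name__ == "__main__":
    for user, ip in [("alice", "10.0.50.7"), ("alice", "192.168.1.7"),
                     ("mallory", "10.0.50.7")]:
        print(user, ip, POLICY.check_login(user, ip))
```

The default is deny: a user missing from the policy, or a source outside that user's networks, is refused with a reason that can be logged, which is what makes failed attempts visible later.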
Step 3: Patch & Update
Everyone should know by now to update their operating system whenever new patches become available. While this is good, other patches and updates should be applied as well. These include updates to services that are offered, such as web servers, mail servers, DNS servers, etc., as well as to installed software such as text editors, mail clients, web browsers, etc.
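Keeping the whole inventory (operating system, offered services and client software) at or above a known patched version is easier when the comparison is done numerically rather than by hand or by string comparison. The following is an added example, not from the original article; the installed versions and the minimum-patched baseline are constructed values, not real release numbers.

```python
"""Flag installed software that is below its minimum patched version.

Added example, not from the article; inventory and baseline are constructed."""
from __future__ import annotations

import re


def parse_version(text: str) -> tuple[int, ...]:
    """'1.10.2' -> (1, 10, 2).  Only the numeric runs are kept, so '2.4.1p1'
    becomes (2, 4, 1, 1).  Numeric tuples compare correctly, whereas the
    strings would give '1.9' > '1.10'."""
    return tuple(int(x) for x in re.findall(r"\d+", text))


# Constructed inventory covering all three groups the step names:
# the OS, offered services, and installed client software.
INSTALLED = {
    "kernel": "5.10.1",
    "nginx": "1.18.0",
    "bind": "9.16.2",
    "mutt": "2.0.5",
    "firefox": "91.2",
}

# Constructed baseline: lowest version considered patched for each item.
MINIMUM_PATCHED = {
    "kernel": "5.10.1",
    "nginx": "1.20.1",
    "bind": "9.16.10",
    "mutt": "2.0.5",
    "firefox": "91.10",
}


def outdated(installed: dict, baseline: dict) -> dict:
    """Return {name: (installed, required)} for every item below its baseline.
    Items with no baseline entry are reported with required=None: an unknown
    baseline means "needs review", not "assumed safe"."""
    result = {}
    for name, version in installed.items():
        required = baseline.get(name)
        if required is None:
            result[name] = (version, None)
        elif parse_version(version) < parse_version(required):
            result[name] = (version, required)
    return result


if __name__ == "__main__":
    for name, (have, need) in outdated(INSTALLED, MINIMUM_PATCHED).items():
        print(f"{name}: installed {have}, minimum patched {need}")
```

Note that the service (bind, nginx) and client (firefox) entries are the ones flagged here while the kernel is current, which is the situation the step warns about: an up-to-date operating system on its own says nothing about the rest of the software.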
Step 4: Education
This is very possibly the hardest part of the process. It is not enough just to have a secure computer. No computer system or network can be so secure that it is "human proof". Proper training and education of the computer users is necessary.
While these steps are very vague and broad, they can be applied to any size network ranging from a single computer to a massive corporate network with amazing results.
In future articles we will discuss other, more in-depth security issues such as firewalls, preventing SQL injection attacks, intrusion detection/prevention systems, etc.