8 Commandments of Network Security'''

1
8 Commandments of Network Security...

• Presented by
• Jasmine Benson

2
1. Use strong passwords...

• Passwords are often the only protection used on a
  system. A user ID is only a name and doesnt
  verify an identification, but the password
  associated with the user Id works as an
  identifier. Therefore, passwords are the keys to
  your networks, and you should protect them as
  such (Cobb 30).

3
A list you can use to set strong passwords...

• Use a nonsensical combination of letters
• Include a mix of upper and lowercase letters
• Longer passwords are better
• Change your passwords regularly
• Set new passwords instead of reusing the same
  ones over and over
• Dont use a set of characters straight off the
  keyboard
• Treat your passwords as top-secret information

4
2. Always use anti-virus Software...

• Because viruses are such a persistent, annoying,
  and expensive problem, youd be silly not to use
  anti-virus software to protect computers on your
  network. While anti-virus software isnt always
  100 percent effective, its better than no
  protection at all (Cobb 32).

5
Two Types of anti-virus software...

• Scanning Engine
• tells the software how and where to scan
• compares files on your computer to the known
  viruses in the signature files
• Signature Files
• a database of known viruses and their actions

6
3. Always change default configurations...

• Installing a system right out of the box and
  leaving it with the default configuration is
  probably one of the most common mistakes that
  people make when setting up a network. Default
  configurations often have default administrative
  accounts and passwords that hackers the world
  over know (Cobb 33).

7
4. Dont run services you dont need...

• Often youll find that the default configuration
  of operating systems have services or small
  programs running that you dont really need. The
  standard rule of thumb is to turn off anything
  you dont need because some of the default
  services have known security holes and they will
  introduce new vulnerabilities into your system
  (Cobb 34).

8
5. Immediately install security updates...

• The bad news is that almost all software contains
  security holes. The good news is that dozens of
  new alerts are listed daily in places like CERT
  and Security-Focus. The person responsible for
  network should be aware of these alerts and
  should subscribe to one of the many services
  that send up for alerts that only pertain to your
  situation. And as soon as the alerts appear, you
  should obtain the fix and apply it to your
  computers.

9
6. Back up early and often...

• When an intruder trashes your system, the best
  recourse you have is to take your system offline
  and restore it from your backup. Some types of
  backups are used for archival purposes only and
  arent intended to restore a system to order.
  You have to test your backups occasionally.

10
The backup madness method...

• The first day of every week you should make a
  full backup of your system. This includes every
  file on every computer.
• On subsequent days, you should make an
  incremental backup. This will include only files
  that have changed since the last full backup.
• Finally, once a month, you should store one of
  the full backups for archival reasons. This way,
  if you ever have to resort to restoring your
  system, you never have to go back further than
  one week.

11
7. Protect against surges and losses...

• Protecting against surges and losses goes
  hand-in-hand with making regular backups. In any
  critical system you should have a certain amount
  of redundancy in place in case parts of your
  system start to fail.

12
8. Know who you trust...

• Of course, you should know who is working with
  you in the office, but what about other on
  down-line connections?

13
Information to review(for mistakes , accuracy,
and up-to-date information)

• Have you set up your computers to trust computers
  in other companies so that you can share date?
• Are you sure you have their IP addresses correct?
• Do you have a limit on the other networks you
  trust?
• Do you know who is remotely logging in to your
  network?
• There are files on your network that list trusted
  connections
• Make sure the addresses of those networks are
  correct

14
Special Thanks

• Mrs. Sherri Shade
• KSU Computer Lab (Personnel and Staff)