Читать реферат по английскому: "System Security Essay Research Paper System Security" Страница 3

(Назад) (Cкачать работу)

also be updated fairly regularly. By taking some preventative steps in advance your system can be more reliable and less likely to give you problems. Some attackers have also begun building their own network packets to get by the firewalls. An Internet Protocol packet can be designed to be source routed, which means the source gives the directions on how to get to the destination. By using source routed packets some attackers have been able to by pass a firewall. The majority of firewall packages have now accounted for this, so that if a packet is source routed it will automatically be filtered. The best protection a system can have is an aware system administrator. The U.S. Department of Energy has an advisory called CIAC (Computer Incident Advisory Capability). This advisory keeps track of newly discovered software or configuration faults, which might allow an unauthorized person, to gain access to your system. There is also the CERT (Computer Emergency Response Team) which also puts out advisories covering system security concerns. These advisories should be checked fairly often. Besides checking the advisories a system administrator should have some type of logging set up on their system. Unix systems have this already built in and plus there is a program called tripwire which gives some extra logging and checksum functionality. The logs show things such as failed login attempts and system errors. Tripwire is used also to log port connections and to prevent the insertion of Trojans on to the system. Trojans are programs that look like they do one thing but actually do something else, usually to gain access to a system. Tripwire protects against this by doing a byte by byte check of all the executables on the system. Even though your system is very secure and you check the logs daily there still needs to be physical controls put in place. Physical Controls Physical controls are the last line of defense against an outside attack on the system. One of the most often over looked physical controls is to just place consoles in secure areas. Any computer terminal should be behind a locked door of some kind. Computers tend to be rather expensive and they tend to walk off by themselves if not within a secure environment. Not too mention that an open terminal can give someone an anonymous point of entry into your system. One of the oldest and still the best physical control is the shredder. Hard copy is to be shredded. All information that a corporation deals with is in paper form at one time or another so why should one spend so much time and money on security when they just take the information and throw it in a dumpster. In conclusion information is power and in this world of databases and networks it is going to be ever more important to pay attention to the details of how that information changes hands.

325