Solutions Fast Track - Monitoring and Intrusion

Discussion in 'Python' started by, Jul 21, 2008.

  1. Guest

    Dear Reader,

    Designing for Detection
    - Get the right equipment from the start. Make sure all of the features you need, or will need, are available from the start.
    - Know your environment. Identify potential physical barriers and possible sources of interference.
    - If possible, integrate security monitoring and intrusion detection in your network from its inception.

    Defensive Monitoring Considerations
    - Define your wireless network boundaries, and monitor to know if they’re being exceeded.
    - Limit signal strength to contain your network.
    - Make a list of all authorized wireless Access Points (APs) in your environment. Knowing what’s there can help you immediately identify rogue APs.

    Intrusion Detection Strategies
    - Watch for unauthorized traffic on your network. Odd traffic can be a warning sign.
    - Choose an intrusion detection software that best suits the needs of your environment. Make sure it supports customizable and updateable signatures.
    - Keep your signature files current. Whether modifying them yourself, or downloading updates from the manufacturer, make sure this step isn’t forgotten.

    Conducting Vulnerability Assessments
    - Use tools like NetStumbler and various client software to measure the strength of your 802.11b signal.
    - Identify weaknesses in your wireless and wired security
    - Use the findings to know where to fortify your defenses.
    - Increase monitoring of potential trouble spots.

    Incident Response and Handling
    - If you already have a standard incident response policy, make updates to it to reflect new potential wireless incidents.
    - Great incident response policy templates can be found on the
    - While updating the policy for wireless activity, take the opportunity to review the policy in its entirety, and make changes where necessary to stay current. An out-of-date incident response policy can be as damaging as not having one at all.

    Conducting Site Surveys for Rogue Access Points
    - The threat is real, so be prepared. Have a notebook computer handy to use specifically for scanning networks.
    - Conduct walkthroughs of your premises regularly, even if you don’t have a wireless network.
    - Keep a list of all authorized APs. Remember, rogue APs aren’t necessarily only placed by attackers. A well-meaning employee can install APs as well.

    --- Thank You ---

    James Conack
    , Jul 21, 2008
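
Added example, not part of the original post: one way to turn the authorized-AP list and the boundary check from the list above into a repeatable review of site-survey results. The CSV layout, the AP entries, the boundary location name and the signal limit are all constructed assumptions, not the export format of any real tool.

```python
import csv
import io

# Constructed allowlist of authorized APs: BSSID -> SSID.
AUTHORIZED_APS = {
    "00:11:22:33:44:01": "CORP-WLAN",
    "00:11:22:33:44:02": "CORP-WLAN",
}

# Constructed walkthrough results (hypothetical CSV layout).
SAMPLE_SURVEY = """bssid,ssid,signal_dbm,location
00:11:22:33:44:01,CORP-WLAN,-48,lobby
00:11:22:33:44:02,CORP-WLAN,-55,floor2
00-11-22-33-44-02,CORP-WLAN,-82,parking-lot
AA:BB:CC:DD:EE:01,CORP-WLAN,-60,floor2
AA:BB:CC:DD:EE:02,linksys,-40,break-room
"""

BOUNDARY_LOCATIONS = {"parking-lot"}  # assumed: survey points outside intended coverage
BOUNDARY_LIMIT_DBM = -85              # assumed: strongest signal acceptable out there


def normalize_bssid(raw):
    """Lower-case, colon-separated form so 00-11-.. and 00:11:.. compare equal."""
    digits = raw.strip().lower().replace("-", "").replace(":", "")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def review_survey(csv_text, authorized=AUTHORIZED_APS):
    """Return (finding, bssid, location) for every survey row that needs follow-up."""
    known = {normalize_bssid(b): ssid for b, ssid in authorized.items()}
    org_ssids = set(known.values())
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        bssid = normalize_bssid(row["bssid"])
        if bssid not in known:
            # Not on the authorized list; higher priority if it advertises our SSID.
            kind = "rogue-using-org-ssid" if row["ssid"] in org_ssids else "rogue"
            findings.append((kind, bssid, row["location"]))
        elif (row["location"] in BOUNDARY_LOCATIONS
              and int(row["signal_dbm"]) > BOUNDARY_LIMIT_DBM):
            # Authorized AP heard too strongly outside the defined boundary.
            findings.append(("boundary-exceeded", bssid, row["location"]))
    return findings


if __name__ == "__main__":
    for finding in review_survey(SAMPLE_SURVEY):
        print(*finding)
```

An AP flagged as `rogue` may equally be one installed by an employee, so the location column is what the follow-up walkthrough starts from.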