Secure Build Best Practices, Jordan Wiens (jwiens_at_nersp.nerdc.ufl.edu)

Slides: 19
Provided by: infos2
Learn more at: http://infosec.ufl.edu

1
Secure Build Best Practices
Jordan Wiens, jwiens_at_nersp.nerdc.ufl.edu
  • What's the big deal? (1)
  • General Goals (2-8)
  • Vendor Specifics
  • Microsoft OSs (9-11)
  • Linux (12-14)
  • Others (15-17)
  • Questions? (18)

http://net-services.ufl.edu/security/admins/build.shtml
2
  • What's the big deal?
  • Computers are often compromised within minutes of being connected to the Internet.
  • ANY machine can and will be used as an attack platform.
  • Security is a chain. It's only as good as the weakest link.
  • Secure builds are an ongoing process, not a one-time event.

3
  • General Goals
  • Secure the installation process
  • Keep the machine disconnected from the network until it is secure.
  • Use a private IP, filtering device, campus proxy, etc.
  • Use local file repositories or local media.
  • For multiple-machine roll-outs, consider disk-imaging software.

4
  • Change passwords
  • Change default passwords and accounts to
    non-default settings.
  • Password generators
  • http://www.adel.nursat.kz/apg/
  • http://www.winguides.com/security/password.php
  • Password policy
  • Are you sure you got them all?
  • MS-SQL

5
  • Disable unnecessary services
  • If in doubt, shut it down.
  • If something breaks, open back up only what you need to.
  • Double check with a port scan or netstat.
  • Campus self-scanner
  • https://net-services.ufl.edu/security/cgi-bin/security-gl-info-new.cgi
  • Nmap: http://www.insecure.org/nmap/
  • Netstat -a
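
The double check on this slide, as an added example (not from the original presentation): a Python script that parses `netstat -an` output and reports every listening socket that is not on an allowlist. It goes beyond the slide by accepting both Linux and Windows output formats; the sample output, the allowlist and the function names are constructed for illustration.

```python
# Added example: audit `netstat -an` output against an allowlist of services.

# Constructed sample (Linux format); the allowlist is an assumption.
SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.5:22             10.0.0.9:51514          ESTABLISHED
tcp6       0      0 :::80                   :::*                    LISTEN
udp        0      0 0.0.0.0:68              0.0.0.0:*
"""
ALLOWED = {("tcp", 22), ("tcp", 80)}

def listeners(netstat_text):
    """Yield (proto, address, port) for each listening TCP / bound UDP socket."""
    for line in netstat_text.splitlines():
        tok = line.split()
        if len(tok) < 3 or not tok[0].lower().startswith(("tcp", "udp")):
            continue  # headers, blank lines, UNIX-domain sockets
        proto = tok[0].lower()[:3]  # fold tcp6/udp6 into tcp/udp
        state = tok[-1].upper()
        if proto == "tcp" and state not in ("LISTEN", "LISTENING"):
            continue  # an established or closing connection, not a service
        if proto == "udp" and state == "ESTABLISHED":
            continue  # connected UDP socket, not an open service
        # The local address is the first field containing ':' (column 4 on
        # Linux, column 2 on Windows).
        local = next((t for t in tok[1:] if ":" in t), None)
        if local is None:
            continue
        address, _, port = local.rpartition(":")
        if port.isdigit():
            yield proto, address, int(port)

def unexpected(netstat_text, allowed):
    """Return sorted (proto, port, address, exposed) not in `allowed`."""
    found = set()
    for proto, address, port in listeners(netstat_text):
        if (proto, port) not in allowed:
            loopback = address.startswith("127.") or address in ("::1", "[::1]")
            found.add((proto, port, address, not loopback))
    return sorted(found)

if __name__ == "__main__":
    for proto, port, address, exposed in unexpected(SAMPLE, ALLOWED):
        where = "network-reachable" if exposed else "loopback only"
        print(f"unexpected {proto}/{port} on {address} ({where})")
```

The `exposed` flag separates services bound only to loopback from those reachable over the network, so the network-reachable ones can be shut down first.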

6
  • Patch OS and installed products
  • Again, the host should still be off the Internet. Use a proxy, mirror, local resource, etc.
  • Visit the OS security or patch page.
  • Any specialized software installed on the machine should be the newest, or most secure, version. Double check with the official source for the program if in doubt.

7
  • Preventative Measures
  • Host based firewalls
  • Host based IDS
  • Log monitoring
  • File system security and monitoring
  • Anti-virus

8
  • Regular Maintenance
  • Subscribe to the appropriate announcement lists.
  • Subscribe to relevant security lists.
  • Use automated or semi-automated updates,
    especially for antiviral software.
  • Schedule regular security checkups such as
    security scans, process audits, or port scans.

9
  • Vendor Specifics
  • Microsoft
  • Relevant lists
  • http://microsoft.com/technet/security/bulletin/notify.asp
  • http://www.ntbugtraq.com/
  • Whatever lists are relevant to your setup

10
  • Microsoft
  • Relevant sites
  • http://microsoft.com/technet/security/default.asp
  • http://microsoft.com/technet/security/lockdown.asp
  • http://www.counterpane.com/log-windows.html
  • http://windowsupdate.microsoft.com/
  • http://net-services.ufl.edu/security/public/firewalls.shtml
  • Firewalls as IDS (net send)

11
  • Microsoft
  • Additional software
  • http://ntsecurity.nu/toolbox/
  • http://www.software.ufl.edu/mcafee
  • http://www.software.ufl.edu/ghost/
  • Snort, and useful setup info
  • http://www.tripwire.com/
  • http://microsoft.com/technet/security/tools/tools/hfnetchk.asp

12
  • Linux
  • Relevant lists
  • Bugtraq
  • http://www.debian.org/MailingLists/subscribe
  • http://www.redhat.com/mailing-lists/
  • http://www.suse.com/us/private/support/mailinglists/index.html
  • http://www.mandrakesecure.net/en/mlist.php
  • Find your own...

13
  • Linux
  • Relevant security sites
  • PAM Password Guide
  • http://www.nsa.gov/selinux/
  • http://www.lids.org/
  • http://www.linux-sec.net/
  • http://www.linuxguruz.org/iptables/howto/iptables-HOWTO.html

14
  • Linux
  • Additional software
  • http://www.openwall.com/scanlogd/
  • http://www.cs.tut.fi/rammer/aide.html
  • http://osiris.shmoo.com/
  • http://www.stanford.edu/atkins/swatch/
  • http://snort.org/
  • http://www.autorpm.org/
  • http://www.ximian.com/products/redcarpet/

15
  • Others
  • Relevant lists
  • Bugtraq
  • Solaris Security Bulletins
  • http://lists.apple.com/mailman/listinfo/security-announce
  • Appropriate vendor lists

16
  • Others
  • Relevant security sites
  • http://www.securityfocus.com/
  • SANS Solaris recommendations
  • Apple security updates
  • http://www.securemac.com/

17
  • Others
  • Additional software
  • JASS Solaris security hardening

18
  • Questions?
