Site News

Science

A survey, shows that less then 40% of the British public feel they are well informed about science.

New Articles - Earth's Carbon Cycle Ultra Sonic Frogs Environmental Niche & Dinosaurs Seismic Waves Global Warming Life Support Systems Introduction to the Big Bang The Problem of Acid Rain

Our science section is in production with a proposed 1 Mar 07 "Grand launch" date.

Technology

The Linux Convert site explains how, even today, building your own linux box can be cheaper than getting an off the shelf Windows PC. There is a new article on why you should use linux there now.

New articles: Firewall Bypass Attack Snort For Newbies Malware and Intrusions Intrusion Detection Systems Malware, Trojans and Virus infections and Infection Removal

If you have any comments or suggestions for topics we should cover under the technology banner then please stop by the discussion board and let us know.

Intrusion Detection Systems

Internal software controls

In order to minimise the userís chance of opening a window of opportunity for an attacker the following Internal software controls were thought appropriate if a little draconian.

  • A review of the applications that can be executed
  • Applications that are restricted by the policy due to their natures i.e. communications software such as mIRC (dcc etc) and p2p programs with their multiple open ports and 2 way flow of packets.
  • Email controls some of which are possibly too restrictive given an academic environment. The point is to make the policy then have it discussed by those who are to implement it.
    Content censoring.
    Address list censoring or locking into hierarchical groups.
    Attachments.
    Limiting file size on email transfers, this could limit the risk of attack via malicious executables or Trojans .
    Disallow certain forms of attachment such as executables.
    Disallow active content , i.e. java or other active elements that allow for the running of code on opening of the email

Independent controls

The following independent and autonomous controls were also thought to be beneficial to the overall security of the network

Antivirus controls

  • Check emails for malicious code
  • Check files and folders on access
  • Check disks on access
  • Perform network updates and scheduled runs
  • Ensure the software id updated via regular update cycles

Operating system controls

  • Port range bans via application and network management functions. This to coincide with the review of executable applications such as peer to peer applications.
  • Network access via secure logon
  • File access via sliding scale network policies
  • Restrict machine access

People controls

  • Educate users on policy and why it is needed
  • Use same education to elicit accountability for their own actions
  • Create user agreements to agree fair usage of resources

Hardware controls

  • Encryption where needed
  • Use of ID cards for building access and room access
  • Firewalls:
  • Monitoring or blocking of ports identified by the IDS as associated with intrusions.
  • Block broadcast traffic
  • Network subnetting

Management

  • Training to keep abreast of security issues and surrounding subject matter
  • Review cycles of policy to determine if changes are needed as and when the effectiveness of the policy is determined
  • Prevention of social engineering (attempts to use personal contacts to gain access to passwords and network privileges) by educating users about this form of attack and its consequences

Page 1 - Page 2 - Page 3 - Page 4

XHTML CSS level 2 W3 Sites Any Browser GEO Url

Sci-Tech

RSS Feed

News Provided By The BBC