Secure Your Network -- NSA-Style

Posted by Yohann on January 6, 2007, 8:42 pm
If you're nutso for network security, the NSA's 60 Minute Network Security
Guide PDF (yes, that NSA) should get your network up to brick wall status
in - apparently - 60 minutes.

The guide, which checks in at just under 50 pages, is serious about
airtight network security, urging you, for example, to enforce a password
history of at least 24 different 12+ character passwords, swapping out
passwords at least once every 90 days. The free PDF covers Windows and Unix
security setups.

http://www.nsa.gov/snac/support/I33-011R-2006.pdf

From: http://www.lifehacker.com/software/networking/secure-your-network-nsastyle-226392.php


Posted by Mike Easter on January 6, 2007, 9:56 pm
Yohann wrote:
> NSA's 60 Minute Network
> Security Guide

It would probably be more useful to go in the front door...

http://www.nsa.gov/snac/ Security Configuration Guides - Overview - NSA
initiatives in enhancing software security cover both proprietary and
open source software, and we have successfully used both proprietary and
open source models in our research activities.

Security Configuration Guides
> All Current Security Guides
> Applications
> Database Servers
> Operating Systems
> Routers
> Supporting Documents
> Switches
> VoIP and IP Telephony
> Vulnerability Technical Reports
> Web Servers and Browsers
> Wireless
> Archived Security Guides

--
Mike Easter


Posted by Ansgar -59cobalt- Wiechers on January 7, 2007, 9:46 am
> If you're nutso for network security, the NSA's 60 Minute Network
> Security Guide PDF (yes, that NSA) should get your network up to brick
> wall status in - apparently - 60 minutes.

From a first look it seems to contain good advice, although there are
some mistakes (e.g. passwords in /etc/shadow are hashed, not encrypted),
and it seems to be a bit outdated on the Unix part (several Unices don't
use Sendmail anymore, but other MTAs like e.g. Postfix). However, it is
only a starting point (and doesn't claim to be anything different).

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich
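
Added example, not part of the thread or of the NSA guide: the second field of a shadow entry holds a scheme identifier, a salt and a one-way hash (there is no key to decrypt it with), and the fifth field is the maximum password age. The sketch below reads constructed entries and flags legacy hash schemes and ages above the 90 days quoted in the thread; the sample lines and the names `classify_hash` and `audit` are assumptions for illustration.

```python
# Added example: constructed shadow-format lines; the hash strings are placeholders.
SCHEMES = {"1": "MD5-crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "SHA-256-crypt", "6": "SHA-512-crypt", "y": "yescrypt"}
LEGACY = ("MD5-crypt", "DES-crypt")
MAX_AGE_DAYS = 90  # rotation interval quoted in the thread

SAMPLE_SHADOW = """\
alice:$6$c0nstructed$PlaceholderNotARealHash:13500:0:90:7:::
bob:$1$c0nstructed$PlaceholderNotARealHash:13400:0:99999:7:::
daemon:*:13000:0:99999:7:::
carol:!$6$c0nstructed$PlaceholderNotARealHash:13510:0:60:7:::
"""

def classify_hash(field):
    """Name the one-way hash scheme held in the second shadow field."""
    if field == "":
        return "no password"
    locked = field[0] in "!*"
    body = field.lstrip("!*")
    if not body:
        return "locked/no login"
    parts = body.split("$")
    if body.startswith("$") and len(parts) > 2:
        scheme = SCHEMES.get(parts[1], "unknown")
    elif len(body) == 13:
        scheme = "DES-crypt"  # traditional crypt(3): 2-char salt + 11-char digest
    else:
        scheme = "unknown"
    return ("locked " if locked else "") + scheme

def audit(shadow_text, max_age=MAX_AGE_DAYS):
    """Return (user, finding) pairs for legacy hashes and over-long password ages."""
    findings = []
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) < 5:
            continue  # blank or malformed line
        user, pw, max_days = fields[0], fields[1], fields[4]
        scheme = classify_hash(pw)
        if scheme.endswith(LEGACY):
            findings.append((user, "legacy hash scheme: " + scheme))
        has_hash = scheme not in ("no password", "locked/no login")
        if has_hash and (not max_days.isdigit() or int(max_days) > max_age):
            findings.append((user, "max password age '%s' exceeds %d days" % (max_days, max_age)))
    return findings

if __name__ == "__main__":
    for user, finding in audit(SAMPLE_SHADOW):
        print(user, "->", finding)
```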

Posted by DevilsPGD on January 7, 2007, 12:46 pm
>The guide, which checks in at just under 50 pages, is serious about
>airtight network security, urging you, for example, to enforce a password
>history of at least 24 different 12+ character passwords, swapping out
>passwords at least once every 90 days. The free PDF covers Windows and Unix
>security setups.

Good plan. You know what your average user does with a 12+ character
password? Guess... Oh that's right, sticky note on the monitor.

It will take your average user 4-6 weeks to learn the password (assuming
they only enter it a couple times a day), which means by the time they
learn it, they're halfway to being forced to get a new one.

Worse, if someone does compromise a password, they'll have an average of
45 days (1.5 months!) to exploit it.

--
I never fail, I just succeed at finding what doesn't work.

Posted by Sebastian Gottschalk on January 7, 2007, 4:17 pm
DevilsPGD wrote:

>
>>The guide, which checks in at just under 50 pages, is serious about
>>airtight network security, urging you, for example, to enforce a password
>>history of at least 24 different 12+ character passwords, swapping out
>>passwords at least once every 90 days. The free PDF covers Windows and Unix
>>security setups.
>
> Good plan. You know what your average user does with a 12+ character
> password? Guess... Oh that's right, sticky note on the monitor.
>
> It will take your average user 4-6 weeks to learn the password (assuming
> they only enter it a couple times a day), which means by the time they
> learn it, they're halfway to being forced to get a new one.
>
> Worse, if someone does compromise a password, they'll have an average of
> 45 days (1.5 months!) to exploit it.

Or you're just too stupid to give them appropriate passwords like "You'll
never get Captain Jack Sparrow!", which are secure and easy to remember.
