
Enterprise Security The Manager's Defense

by David Leon Clark





About Book

Book Description

First came Melissa. Then the I Love You virus. Then Code Red and Nimda. The cumulative effects of these successfully orchestrated attacks are taking their toll on the Internet economy. At a minimum, users are frustrated and their confidence is shaken. On the other end of the scale, these attacks can be devastating from a financial standpoint. It is easy to see that providing enterprise security is a critical and potentially overwhelming task, but managers have no excuse for not being prepared. The technologies of the Internet remain a significant drawing card to the business community. So what is the IT manager to do? The challenge is in devising an enterprise security strategy that will defend against all forms of attack. This book is precisely the guide that managers need. Enterprise Security allows the manager to analyze their infrastructure, spot potential weaknesses, and build a formidable defense. Written for professionals charged with defending enterprises, whether large or small, this book provides state-of-the-art guidelines and key advice for making sure that your organization's enterprise is well guarded.



Book Info
Comprehensive, state of the art handbook for harnessing eBusiness security. Examines the most recent attack strategies and offers specific techniques for combatting attempts at data infiltration, destruction, and denial of service attacks. Invaluable resource for IT managers. Softcover.

From the Back Cover

E-Business is on the rise, but so are the likelihood and severity of computer attacks. Melissa, the Love Bug, Nimda, and Reeezak all caught the e-Business community off guard, costing billions of dollars in lost productivity and damage. Maintaining enterprise security is now, without question, a crucial aspect of doing business in today's Internet-based economy.

Enterprise Security: The Manager's Defense Guide is a comprehensive, state-of-the-art handbook for harnessing e-Business security. It examines the most recent attack strategies and offers specific techniques for combating attempts at data infiltration, destruction, and denial-of-service attacks. Understanding that security must be incorporated within multiple levels of e-Business technology and practice, the author presents measures for securing your system platform, applications, operating environment, processes, and communication links. He explains how the traditional security technologies of firewalls and virtual private networks (VPNs) can be integrated with risk management, vulnerability assessment, intrusion detection, and content management for a comprehensive security plan.

You will find in-depth coverage of such topics as:

  • The goals and sophisticated tools of today's hackers
  • The advantages and shortcomings of firewalls and VPNs
  • Incorporating security into application development
  • TCP/IP attacks, including SYN Flood and Land attacks
  • Distributed denial-of-service (DDoS) attacks
  • ICMP directed broadcast and Smurf bandwidth attacks
  • The Bubble Boy virus
  • JavaScript attacks
  • Adding TCP Wrappers and security in layers
  • Guidelines for vulnerability assessment and risk management

Several informative appendixes enumerate the top twenty enterprise vulnerabilities, provide an incident response form, discuss how to harden the often targeted Windows 2000 operating system, and examine denial-of-service attacks in depth.

Featuring the latest in attack technology and defenses, this book is an invaluable resource for IT managers and professionals who must remain a step ahead of the enemy in the ongoing security arms race.




About the Author

David Leon Clark has over twenty years of experience in information technology systems and solutions and is currently the program manager responsible for the Information Assurance practice of Acton Burnell, Inc. of Alexandria, Virginia. Mr. Clark provides advice, support, and life cycle security consulting to federal and commercial clients. He designed the core curriculum for the Information Security Management (ISM) course of study, a graduate level program for the University of Virginia's School of Continuing and Professional Studies. A professional writer on high-tech topics, he is the author of IT Manager's Guide to Virtual Private Networks, along with numerous technology white papers and marketing literature.




Excerpt. © Reprinted by permission. All rights reserved.

A Call to Arms

First came Melissa, then "Explore.Zip," and the Love Bug. Their names were provocative, fun and cute. Then came Code Red, Nimda, and more recently, Reeezak. (That is no typo; it's triple "E.") Their names, in contrast, are sinister, apocalyptic and foreboding. So what's in a name? In March 1999, Melissa marked the beginning of the world's reckoning with a new type of Internet Virus - a computer worm. A computer worm is a special type of virus that is designed to copy itself from one computer to another by leveraging email, TCP/IP and related applications. In contrast to normal computer viruses that are occupied with spreading many copies of themselves on a single computer, computer worms are concerned with infecting as many machines as possible. By all accounts, computer worms are nasty critters that have wreaked considerable damage and wasted billions of dollars in computer worker hours. Between the Love Bug, Code Red, and Nimda, the Internet community lost over $11 billion in terms of productivity and wasted IT staff time for cleanup. The Love Bug led the pack, costing the global Internet community close to $8 billion and eventually infecting approximately 45 million email users in May of 2000. Code Red (July 2001) cost the Internet community $2.6 billion and Nimda (September 2001) caused $531 million in damage and cleanup.

At this writing (January 2002), yet another computer worm is unleashing itself on the Internet community, with a somewhat ominous sounding name identified as Reeezak. Reeezak, like other worms, appears in email inboxes with an innocent sounding subject that simply says "Happy New Year." The message of the email also compares in tone, reading: "Hi...I can't describe my feelings, but all I can say is Happy New Year :) Bye." It comes with an attachment called "Christmas.exe," which when double clicked, sends itself to all addresses listed in the user's address book while attempting to delete all the files in the Windows directory and anti-virus programs. The worm also disables some keys on the keyboard and propagates using Microsoft's compatible version of IRC (Internet Relay Chat) program. Reeezak, like other worms, only affects users of Microsoft's Outlook or Outlook Express email clients.

If the proliferation of email worms is not insidious enough, the Internet community also experienced the effects of another class of attacks just a few months before the love-letter worm (February 2000). The now infamous and very shocking distributed denial of service attacks on several of the largest and most popular eBusiness sites of Amazon, Yahoo, eBay and E-Trade were not only brazen, making the headlines of many major metropolitan newspapers, but a wake-up call to the high flying eCommerce world.

The cumulative effects of successfully orchestrated attacks are taking their toll on the Internet economy. At a minimum, users are frustrated and their confidence is shaken. Also, a "cloud" rains on the parade marching with fanfare toward eBusiness horizons. Attacks can be potentially devastating, especially from a financial standpoint. In the case of "E-Trade," livelihoods were affected on both sides of the virtual supply chain, the new business model that is enabling online businesses to reinvent themselves to capitalize on dynamic eBusiness marketplaces.

Stock traders that subscribe to the eCommerce service lost the ability to queue up their orders, beginning at 7 a.m. so that the trades could be triggered at the start of the opening bell at 9:30 a.m. In addition to being livid because legitimate orders were being denied by bogus activity flooding the site, the stock traders lost critical financial advantage for certain security tenders. The owners of the breached eBusiness sites were embarrassed, to say the least. They also inherited a potentially explosive problem that raises the question of security immediately and the viability of eCommerce as a long-term business enterprise. More importantly though, if customers lose confidence in the ability to conduct business safely and expediently at these sites, those customers will go elsewhere. Lost customers are unmistakably the death knell for Internet enterprises.

The discussion could go on and on with examples, but you get the message. Operating in the Internet economy is risky indeed. So what can be done about it? That is the purpose of this book. Enterprise Security: The Manager's Defense Guide is a comprehensive guide for handling risks and security threats to your internal network as you pursue eBusiness opportunities. Network security, which factors in open access to the enterprise's information assets, is eBusiness security. Open access allows online transactions to incorporate critical information for customers, suppliers, and partners no matter who they are or where they are. eBusiness security is an extension of the security provided by firewalls and virtual private networks (VPNs) integrated with risk management, vulnerability assessment, intrusion detection, content management, and attack prevention. In intranets and extranets and servers in the demilitarized zone (DMZ), firewalls protect the information assets behind their walls. When information is in transit via the Internet, firewalls hand off protection of transactions to VPNs. But when information assets are residing behind the perimeter of firewalls or not in transit, how do you protect them?

That's the domain of eSecurity. eSecurity solutions factor in scanning technologies to actively police operating systems, applications and network devices for vulnerabilities in the infrastructure needed to process, maintain and store the enterprise's information assets. In other words, eSecurity solutions identify potential threats or security events, such as the denial of service kind and/or viruses. eSecurity also provides real-time scanning to detect in-progress port scans or intruders looking for an unsecured window or door to gain illegal access into your network. After detection, eSecurity solutions facilitate corrective or preventative action before the attack can be launched without disruption to the network. eSecurity also provides a framework for surviving an attack in progress.

This book also provides a detailed conceptual review of the most popular detection, assessment, hardening techniques, and real-time security systems that can be integrated to provide lifecycle security solutions. In summary, this book will discuss a systematic process of protecting network information assets by eliminating and managing security threats and risks while doing business in the free society of the Internet.

Why Enterprise Security: The Manager's Defense Guide

It goes without saying that networks are complex systems and that providing the optimum level of network security has been particularly challenging to the IT community since the first PCs were attached to network cabling decades ago. Today, providing network security could be potentially overwhelming. The prospect of a business going online is so compelling primarily because of the pervasiveness of the Internet and the promised payoff of exponential returns. The technologies of the Internet are also a significant drawing card to the business community. The ability to present your information assets in multimedia views is hard to forego. Suddenly it seems that 3-D graphical views, graphics, animation, video and audio functionality, and low cost communication are the preferred methods of building brand loyalty from consumers or preferred vendor status with customers. It also provides partners and suppliers a strategic advantage if they are connected directly to critical information assets required for competitiveness and meeting business objectives. The technologies of the Internet also make it easy to collaborate through email messaging and workflow processes and to transfer huge amounts of information cost effectively.

As easily as these technologies are embraced, they are also criticized because of their inherent security problems. TCP/IP, though a communications marvel, is inherently insecure. When the protocol was a design spec, the creators had no compelling reason to build in basic encryption schemes in the "free spirited" operating climate of the computing world when TCP/IP was conceived in 1967. Basic security could have possibly been built in at that time, setting the stage for other systems to be secure when spawned by the Internet decades later. Microsoft's tools and application systems such as Visual Basic, Outlook, Windows NT, and various office suites are forever being slammed by disappointed users for the company's apparent decisions to trade off security in order to be the first to market. Even Microsoft's security protocol PPTP (Point-to-Point Tunneling Protocol) for dial-up VPN tunneling was also fraught with security problems in the beginning.

Even Sun Microsystems' Java, a secure programming language for creating spectacular eBusiness applications, is not without its problems. And depending on security policy, many enterprises turn applets off in user browsers to prevent malicious code that may be attached to the applets from finding its way into systems when initially downloaded. Therefore, because of the inherent insecurities of web-enabled technologies, the complexity of the functional aspects of networks, multiple operational layers and, more importantly, the skill of hackers, eSecurity must be inherently comprehensive.

Consequently, this book reveals how security must be implemented and administered on multiple levels for effective network security. It systematically reviews the processes required to secure your system platform, applications, operating environment, processes, and communication links. Effective eSecurity must also address the application development tools used to develop your information assets consisting of applications, programs, data, remote procedures, and object calls that are integrated to present your intellectual capital through the...
