Ken
Would REAL security cameras like this one (not talking about a real expensive camera) http://www.amazon.com/Q-See-QS2350C-Weatherproof-Camera-Circulating/dp/B000LW7Z4Q/ref=pd_bbs_sr_9?ie=UTF8&s=electronics&qid=1220252870&sr=8-9 move angle position automatically along with the movement that it has sensed or would it just stay in the position that i have chose. For example, if the camera has a person in sight, and the person walked to the left going out of the cameras sight, would the camera move to the left along with the movement?
Thanks
Answer
Takes a pretty special camera to do that. Most cameras are fixed and just cover a big area, you can go in on the "tape" later and zoom in on people. Other ones just wave back and forth on some program, we could program ours to do a pattern. There are some cameras that activate on movement but to follow it is a whole nother deal
Maybe someone was running it remotely, that's easy
Takes a pretty special camera to do that. Most cameras are fixed and just cover a big area, you can go in on the "tape" later and zoom in on people. Other ones just wave back and forth on some program, we could program ours to do a pattern. There are some cameras that activate on movement but to follow it is a whole nother deal
Maybe someone was running it remotely, that's easy
Network Security?
La Flaca
I am a network administrator. Recently, a number of local companies have been hacked, some from the Internet and some by physical break-ins. I need to address these possibilities for my company. What security tools and procedures can anyone recommend to deploy and use in a situation like this? For the network? What vulnerabilities would these monitor or correct? With these in place, what would the network still be vulnerable to? All info is appreciated.. thanks â¥
Answer
You can reduce the risk by applying good business judgement and procedures. Someone mentioned SANS and INSECURE.ORG as a start. You will also need to implement good governance and risk management programs at the company to...again...reduce the risk from these things to happen.
For IT Governance you can use COBIT 4 and GAIT (ITGeneral Controls Scope Based on Risk (GAIT).) from ISACA and The IIA respectively. Their links are:
http://www.isaca.org
http://www.theiia.org
You can use also the European version of COBIT if you search for ISO17799 and also ITL.
All these are control objectives of the IT Environment that serves as the guide to best practices.
For Internet break-in you need to watch your entry points and their vulnerabilities. This inclues the settings on the firewall, VPN, Remote Access, and Web Services (IIS, FTP, Email) for example. On each you would like to harden their configuration to prevent misconfigurations that a hacker can use to break into your systems. The Center For Internet Security (cisecurity.org) has develop benchmarks for OS and some appliances that you can test the configuration and apply best practices design by experts.
This is just one step, you can do your own checks with nessus to verity you don't have holes in your network. Be careful running this tool. There is an option to run scans that are very intrusive and can perform denial of service attacks (DOS) on your machines. If you decide to run these scans you should coordinate them to make sure you can recover if something goes wrong.
Next, you should have Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS) depending on your taste and budget. A good free IDS that runs on LINUX is Snort (snort.org). There is a lot of add ons for Snort that are GPL and can be found at sourceforge.net. If you don't want to mess around the configuration of LINUX and the Snort application you can download a virtual appliance from VMWare already pre-configured (www.vmware.com). The server version that runs on LINUX or Windows Servers is free of charge. I would be surprise if you are not using VMWare or MS Virtual PC. However, VMWare is the leader on virtual technology.
Now that you have preventive and detective controls is time to look at each individual vulnerabilities of the services you provide or the devices you are trying to protect.
For email you would want to have an appliance that can filter spam and that can block individuals from browsing places that can get infected with internet scripts. This can still be achieved centrally on the network.
On the desktop you would want to have good antivirus software installed and periodically scanning for viruses. The leaders are Symantec and McAffee. Each one has its pro/cons.
You would want to establish a periodic review to check what software gets installed all computers including the servers. Look for P2P, IRC, FTP Servers, and anything that can create a conversation with the exterior.
Establish a periodic review to check rouge devices, wireless, with netstumbler (netstumbler.org) and confiscate any that is physically connected to the network ASAP (extends your network and your security risks)
For physical security I can send you an audit program that covers some basic and standard things us IT Auditors look for. For example things we look at like security guards, cameras, the position doors open, ornamental barriers that serve as physical security, signs that can give the location of the data center, barriers to prevent cars crashing into the building, access configurations, etc...
Also, you should implement a security awareness program if you have not done so. This will educate the end-user on thing to watch for and things not to do while using email, internet, and other treats like social engineering attempts.
If you need more information security info just send me an email to mpg_2@yahoo.com.
By the way, what companies were recently broken into? I believe you live in Puerto Rico and I used to live there until 2000.
Cheers!
You can reduce the risk by applying good business judgement and procedures. Someone mentioned SANS and INSECURE.ORG as a start. You will also need to implement good governance and risk management programs at the company to...again...reduce the risk from these things to happen.
For IT Governance you can use COBIT 4 and GAIT (ITGeneral Controls Scope Based on Risk (GAIT).) from ISACA and The IIA respectively. Their links are:
http://www.isaca.org
http://www.theiia.org
You can use also the European version of COBIT if you search for ISO17799 and also ITL.
All these are control objectives of the IT Environment that serves as the guide to best practices.
For Internet break-in you need to watch your entry points and their vulnerabilities. This inclues the settings on the firewall, VPN, Remote Access, and Web Services (IIS, FTP, Email) for example. On each you would like to harden their configuration to prevent misconfigurations that a hacker can use to break into your systems. The Center For Internet Security (cisecurity.org) has develop benchmarks for OS and some appliances that you can test the configuration and apply best practices design by experts.
This is just one step, you can do your own checks with nessus to verity you don't have holes in your network. Be careful running this tool. There is an option to run scans that are very intrusive and can perform denial of service attacks (DOS) on your machines. If you decide to run these scans you should coordinate them to make sure you can recover if something goes wrong.
Next, you should have Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS) depending on your taste and budget. A good free IDS that runs on LINUX is Snort (snort.org). There is a lot of add ons for Snort that are GPL and can be found at sourceforge.net. If you don't want to mess around the configuration of LINUX and the Snort application you can download a virtual appliance from VMWare already pre-configured (www.vmware.com). The server version that runs on LINUX or Windows Servers is free of charge. I would be surprise if you are not using VMWare or MS Virtual PC. However, VMWare is the leader on virtual technology.
Now that you have preventive and detective controls is time to look at each individual vulnerabilities of the services you provide or the devices you are trying to protect.
For email you would want to have an appliance that can filter spam and that can block individuals from browsing places that can get infected with internet scripts. This can still be achieved centrally on the network.
On the desktop you would want to have good antivirus software installed and periodically scanning for viruses. The leaders are Symantec and McAffee. Each one has its pro/cons.
You would want to establish a periodic review to check what software gets installed all computers including the servers. Look for P2P, IRC, FTP Servers, and anything that can create a conversation with the exterior.
Establish a periodic review to check rouge devices, wireless, with netstumbler (netstumbler.org) and confiscate any that is physically connected to the network ASAP (extends your network and your security risks)
For physical security I can send you an audit program that covers some basic and standard things us IT Auditors look for. For example things we look at like security guards, cameras, the position doors open, ornamental barriers that serve as physical security, signs that can give the location of the data center, barriers to prevent cars crashing into the building, access configurations, etc...
Also, you should implement a security awareness program if you have not done so. This will educate the end-user on thing to watch for and things not to do while using email, internet, and other treats like social engineering attempts.
If you need more information security info just send me an email to mpg_2@yahoo.com.
By the way, what companies were recently broken into? I believe you live in Puerto Rico and I used to live there until 2000.
Cheers!
Powered by Yahoo! Answers
Tidak ada komentar:
Posting Komentar