We live in an age where technology is involved in almost every business process and threats such as vulnerability exploitation are an unfortunate reality. In this post I’ll be pointing out some factors one should keep in mind when looking to manage software vulnerabilities.
One of the most common mistakes System Admins make is assuming their somewhat “small” company is not prone to attack. As a result, the system they should be protecting is left completely vulnerable and open.
This is one of the consequences of living on a small island. We read about these things every day but we never see them happen, so we assume we won't be the unfortunate ones that will experience the first attack.
In reality, the ‘2006 FBI CIA Computer Security survey’ (PDF Version) proves that most foreign SMBs (Small to Medium sized businesses) keep the issue internal in an attempt to keep the company's image unaffected. Such a story would guarantee an article in 50% of the local newspapers, something your CEO surely won’t enjoy with his tea and biscuits.
B. To Patch and Protect
The next thing to do is to be pro-active, i.e. get your lazy bones off that chair and sew up all the holes. The good old medievals used to build a crocodile pit around the fort. Our foes have since changed their metal armour and swords to suits and pen-drives. But that surely won’t stop them from making our lives hell.
Consider system patching as a plus. Patching may fix security holes but indirectly you are also fixing bugs in the software that may have hindered certain functionalities.
C. ...Tools...
Once I was browsing and found this quote in an online article:
"When security administrators think about vulnerability management, they think about the cool tools at their disposal. But running scans does not make for a good vulnerability management process."
In fact, good vulnerability management also involves a lot of research; there are a lot of resources online that have dug into the subject for your convenience. One of my preferred sites is http://www.kb.cert.org/vuls/.
D. Never Assume
We all know that common saying that describes what "Assumption" is... So don't assume you're covered until you have run an audit that proves it.
E. Realistically speaking
I strongly believe that "some" is better than nothing. In fact proper vulnerability management does not consist in gigantic anti-exploit systems, especially if most of us don't have a budget to build such systems. A good start is to ensure the Microsoft patches and service packs on all the servers and workstations are in order. Then maybe you can install a Vulnerability manager to check out all the stuff you've missed.
You can check out the ‘recommended’ vulnerability managers here:
- http://sectools.org/vuln-scanners.html
That would be all, 5 simple steps that make everyone’s life easier. (Tough luck for the hacker).
And now for some harsh facts:
Stats retrieved from: www.cycom.se
The image is my own. I don't mind you using it on any other website but please reference this blog if you do.