Library items tagged: security

Our monitor is a Linux system running the Snort lightweight intrusion detection system [3]. Demands on hardware are not very high: we use a redundant Pentium 133-based system with two 10/100Mbit/s network interface cards, 128MB memory and 4GB disk space. This allows us to use one interface to access the console, while the other is dedicated to the RSPAN traffic. It is configured with a minimum number of services running and no user accounts [4].

There’s little doubt that passwords are an inconvenience. Unfortunately they remain the most practical way for most of us to keep our on-line identities to ourselves. Without them, or if you don’t keep them secret, it would be far easier for someone else to masquerade as you, to read and modify any of your information and to take any action in your name.

GD/NOTE/001 (01/01) This paper has been contributed by a Janet customer site, and records their experiences in investigating a denial-of-service attack committed using hosts at their site. We are very grateful to them for allowing us to publish this information and hope that it will be useful to others.

Organisational Policy Incident response is a fundamental part of the organisation’s operation, playing a part in protecting both its services and reputation, so it must be included in the organisation’s policies and procedures.