Network SOP's
Results 1 to 6 of 6

Thread: Network SOP's

  1. #1
    Senior Member
    Join Date
    May 2004
    Posts
    519

    Network SOP's

    I am aware that this sort of thing has done before but i just wanted to give it a go myself and hopefully pick up on some points that may have been missed or overlooked in the past. If its "been done before" and not helpful then just ignore it

    With all security it is important to master the basics as well as more advanced points ..

    Security is a way of life!

    Administrators

    Before installing it is important to PLAN! One of my favourite sayings is "PLANNING, PLANNING, PLANNING!" what this means is that before you go on to install an OS onto a server or any machine for that matter you should work out:

    Naming conventions (for the systems, domain, printers, users {firstname.lastname}
    Software to be installed and where (do not install unnessecary software {this can cause resource and security issues})
    Services that will be running (once again only the necessary ones)
    Who has access to what
    Partitions
    Passwords
    Incedence response plan ("Illegal access has been gained to my server! What do I do?")
    What OS you are going to install
    A written security policy that is read and signed by every user before they have access to the domain
    A Plan for when the servers need to be shutdown (Do you send netsends to warn the users to save their data at 60mins then 15mins then 5mins to shutdown?)
    How are you going to run backups? incrementals during the week then full backups on Friday nights?

    Once you have planned everything out in writing and checked it, It makes the installation run a lot smoother and faster than if you were making it up as you go.

    Once you have your network up and running

    RESTRICT physical access to servers (Only those who need to be there and use them have access {limit the amount of people to a minimum})

    Set bios passwords for the workstations AND servers and ensure only the HDD is in the boot path (This rules out users using programs like BLUCON to gain admin access to the local machine)

    Give users non-privelaged accounts, they do not need admin accounts (Use admin accounts only when necessary)

    Use a firewall so that even if users do install software they can't reach the world with it

    Regularly scan for new installations/differences you do not know about

    When upgrading software, test it and ensure it works 100% the way it is meant to before implementing it

    Use secure passwords (Do not use "password" as your password) and do not stick your password to your monitor with a sticky note

    Keep your servers up-to-date with new patches and upgrades (constantly check daily - Don't get caught out insecure).

    Use a virus scanner. Virii on the network is not wanted and can cause all sorts of problems

    Log EVERYTHING and more importantly MONITOR your logs

    Educate your users

    Encrypt sensitive data. Encrypt not so sensitive data aswell if you like

    Don't let users share accounts (This should come out in your security policy that they read and acknowledge before they can use the network)

    If you can don't keep sensitive data on a network connected to the outside

    If you notice anything suspect, report it, don't just let it go. It could escalate further down the track (Educate users to report aswell)

    Run TRUSTED software

    Run tests on your own network (From the inside and the outside)

    Trust No-one and Don't piss people off if you can help it

    Hope this helps anyone who wants to or has ever built a network

  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    I'd love to hear the reasoning behind the large number of negs on this post.

    It's a valid post that covers the basics of where to start and things to be considered. Anyone want to fess up to the why's and wherefore's of said negs?

    In the meantime..... I'll add my own AP's.....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  3. #3
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    I'd love to hear the reasoning behind the large number of negs on this post
    So would i.

    If your going to slam a post, at least post some reasons why. No one learns anything from a post being negged to death. With no reason posted.

    Constructive critisism is often the basis for improvment. There ain't no one here that can't improve.
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  4. #4
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,429
    The only reason this post got negged was because it was in the Tutorials Forum, and some people thought it didn't belong there. I moved it from there. It's the second time this happens today: people make a decent post - tutorial or not - and it gets negged...

  5. #5
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    Originally posted here by Tiger Shark
    I'd love to hear the reasoning behind the large number of negs on this post.

    It's a valid post that covers the basics of where to start and things to be considered. Anyone want to fess up to the why's and wherefore's of said negs?

    In the meantime..... I'll add my own AP's.....
    It's not a matter of fessing up.... He knows who gave them to him (me) and he knows why he got them...

    It is a valid post... in another other forum other than Tutorials.... By no definition of the word does this qualify as a tutorial. It's tips... but it's not tutorials.. Yet another reason why my suggestion of a Tips and Tricks forum should be implemented (hell add a little thing to the persons mini-profile that says tips and tricks posted. Half the time n00bs add these because they don't want to see the 0's next to their names

    This isn't a tutorial... it would be a tutorial if you told them how to do all these stuff.. listing a bunch of stuff that someone should do is not a tutorial... -
    There's my neg if you'd like to see it... I'd release the PM's however, I won't do so without fyrewall's consent...

    If it had been someone else negging him, you guys wouldn't have thought twice... It's not my fault that there's no slide bar to weigh the amount you neg a person... I didn't want to hit that hard... but it's one of life's great stories.... Tell a child not to touch a hot stove a hundred times and they'll still never listen... let them burn themselves once and they'll stay away from that stove. We could keep saying, this is the wrong forum.. this isn't a tutorial and mods could keep moving them, but obviously no one ever learns... Neg them and let them see how much that hurts and I guarentee they won't make the mistake again. I've negged quite a few people for things like this, even senior members at times, and they all take the criticism quite well.. I've recieved PMs questioning it and I respond in tone (if they're polite.. I'm polite.. if they're rude.. I'm rude)... and they almost always seem to understand and they never do it again...

    Is it wrong to do it to someone who hasn't yet been a member for a full month? Yes.. however it's also wrong to post when you don't fully understand/comprehend the rules for posting. They made a mistake and it cost them, however it's a mistake that can easily be made up... I greenie a lot higher than I neg (I believe everyone does from what I've seen) and if they make a good post in the near future I'm more than happy to give them those APs back.. I don't hold a grudge... I just punish those that don't follow the rules...

    However I have to go part shopping.

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  6. #6
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Hey hey.... To quote you HT......

    Not knowing that it was originally in Tutorials, (there's nothing to indicate it was there), I assumed someone negged for no good reason..... Sorry.....

    I don't have a problem any more.....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides