bonnie and clyde
1. Document layout Without a blue print of how the current network is physically and logically layed out, is like building a structure with no blue prints. The layout of the network presents the current foundation of the network, and will give us a better understanding of how things are set up. · Document client’s pc’s. Hardware, software, applications · Document Servers, routers, switches, patch panels. · Document physical layout of voice/data jacks and wiring · Fix any issues that are not IEEE standards. (Bad crimped cables, wrong wiring) 2. Perform A Threat Assessment Threat assessment begins with the assumption of a potentially hostile environment where intruders are passively or actively trying to breach network security. Passive intruders may browse through sensitive data files, monitor private conversations, or intercept electronic mail messages. Active intruders, on the other hand, are malicious and seek to destroy information, deny others access to network resources, and introduce false data or unauthenticated messages onto the network. This type of intruder may even seek to destroy programs and applications by introducing viruses or worms into the network. · To determine the threat level faced by the company, we must conduct a comprehensive vulnerability analysis, starting with a port scan of all network resources. A port is simply a place where information goes into and out of a device on the network, like a router or computer. Left unguarded, a port is a door through which a hacker can enter and, from there gain access to other resources on the corporate network. · After submitting the network to a battery of tests, sometimes using hacker tools, the findings will be displayed in summary and detail form. · Depending on the tool used, each discovered vulnerability can be assigned a score, indicating the level of risk. The reports can be prioritized so that all the highest-level risks appear at the top of the report. This prioritization allows us to start implementing security measures so that the most serious and glaring holes are closed first. · If a firewall is already in use, these threat assessment reports can provide useful information for updating security policies. · If a firewall is not in use on the corporate network, the threat assessment findings may provide ample justification for implementing one. 3. Establish An Information Security Policy Establishing an overall information security policy for the enterprise is the starting point for an effective effort to protect an enterprise network against hacker attacks and to provide appropriate response to such attacks. · The security policy should take account of known hacker threats, vulnerabilities that exist in the network, and the value of the network assets that are to be protected. A network security policy provides no guarantee against hacker attacks, but it should put the enterprise in a position to defend against known threats, to eliminate known vulnerabilities, and to decide the appropriate amount of resources that should be devoted to protecting network assets. · Since most major security breaches happen from the inside, employees need to be made clearly aware of security policies and procedures. · Policies should be clarified on collection of evidence needed to prosecute hackers and possible liabilities faced by the enterprise as a result of hacking incidents.