Slashdot Mirror
Secure Your Network NSA-style
farker haiku writes "The NSA has unclassified a pdf on how to secure your network in sixty minutes. All in all, it's an interesting and informative read if you are in the security biz. The article covers a variety of topics such as Buffer Overflows, Intrusion Detection Systems and using Tripwire ASR to ensure the integrity of your network server."
The NSA has unclassified a pdf on how to secure your network in sixty minutes.
This was classified? All the information in this document has been freely available on the Web for quite some time now...
I'm still gonna print this up and put it on my shelf...the NSA logo on the front looks pretty impressive. ^_^
____
~ |rip/\/\aster /\/\onkey
What about the "Under 60 seconds method for securing your computer" ?
;)
Step 1. Unplug it.
Ta-daaaa! Secure at last.
"What do you think?" "I think 'What, do you think?!'"
Sure, there are certainly some differences, with certain types of threats becoming more common and other sorts of threats becoming less common, but I'm not really aware of any fundamentally new threats appearing during that period, at least not anything that the `old' defenses (as described by this paper) aren't effective against.
Probably the biggest change would be the general switch to massive DDoS attacks using an army of compromised machines, rather than an attack from a few machines. The concept certainly existed before 2002, but it's really become a problem since then. And ultimately, the `NSA-style' response is likely to be the same -- the important systems aren't on the Internet, so they're not vulnerable. (And if their internal network did have such a problem, they'd have much bigger problems than just a DoS attack.)
Ultimately, it's not a bad document, but you can find similar things without going to the NSA, and they've been available for a lot longer than three years.