What's On Your Network?

An anonymous reader writes "According to a Whitedust article you may currently have more on your network than you think you do. The article claims that not much security attention is generally given to one of the most elusive aspects of computer security; that of physical connectivity." From the article: "Broadcast traffic is on the rise, with more suspicious user activity in the logs every day. Then one morning you get a call from your irate boss wanting to know why he no longer has a network connection, yet the employees - or students or whoever - down the hall are able to play games and visit porn sites, at blazing speeds no less."

Maybe this is just me...

[PhilipPeake]

but isn't this the sort of stuff that ANY network admin worth their salt should be completely aware of? If they need to be told this stuff they are not (IMHO) worth employing as other than apprentice network engineers. Or is this level of admin common in Windows environments?

Re:Maybe this is just me...

[cavtroop]

Also, try to remember that most companies IT departments are still short staffed, and pro-active monitoring like network scanning, etc. gets put way on the back burner. I agree with you, and am just playing devils advocate here :)

Re:Maybe this is just me...

[einhverfr]

Well... Here is my attitude towards the whole thing... Sudden enforcement is generally a problem for reasons you mention.

However, when you are planning or deploying your network, it makes sense to add filters to nearly all routers (a standard filter set) which allows you to monitor for certain types of common misconfigurations and problems. This can be largely automated so you don't have to dedicate a large amount of manpower to reading and parsing through logs. Ideally such a router management infrastructure would require very little overhead to manage.

When something turns up, you need to investiate it. Find out what is going on. If it is an in-house server some department is running, find out what it is doing, discuss what needs to be done about it, and find out what you can do to add the required functionality to your server infrastructure (one possibility is to grant the department some level of approval in operating the server if it is important to the business).

Security exists in a balance with LOB requirements. Heavily pushing one or the other side is a recipe for business failure.

Interesting points but possibly too specific

[Sv-Manowar]

This article raises the issue of internal network security, which is something that's been increasing in profile as a security risk over the past few years as ethernet/wifi enabled devices get smaller, cheaper and easier to hide. However, this article's specific Cisco approach to dealing with things by tracking them back through routers and cisco-specific tools seems to be of less use than more general scanning and identification measures.

It's safe to say a good proportion of administrators already on networks with devices migrating on and off at will already have a consideration for these problems, and the specific approach detailed in the article may not be of best use to those less experienced admins starting to tackle this issue on their networks.

Re:DHCP fun

[autocracy]

Or... "not unsurprising?"

Age old machines that just run and are scattered around without sense can certainly fall to that. What about Sun and losing a major chip fab machine? Turned out some recently departed developer's desktop ran something that was critical to operations, but was formatted after he left. I'm off on the details as to what purpose it fulfilled, but its disappearance was noted at the executive (CIO) level because of its disturbance to the company's operations. Whoopsie?

Porn Sites hurt Feelings.

[ebooher]

Could someone please tell me why employees browsing porn sites is such a big fucking deal? How is it different than employees browsing /.?

IT security people at corporations are becoming porno hunters. Be proud, guys.

You apparently do not live in the U.S. You see, here we have these things called laws that are written and voted upon by hairless monkeys that are given offices by people that can't be bothered to read and vote on these "laws" themselves.

Some of these "laws" revolve around personal opinion and human emotions known as "feelings." They state that if you do something that hurts someone elses "feelings" you will go to jail and have to give them a lot of money.

This has caused a rash outbreak of people "sniping" or hiding out in bushes that sometimes decorate offices and awaiting an unsuspecting employee to briefly brush past a site holding pornographic material. Google.com is a good example. In this instant they leap from the previously hidden sniping bush and proclaim that the barest hint of an unclothed nipple has hurt their "feelings"

This results in a winning lawsuit in which the unknowing employee receives a new boyfriend at the same time that he is given to the sniper as a money slave for the rest of his life. Sometimes it even results in the closing of an entire company and results in a rise in unemployment which these people called "taxpayers" really have something against.

A couple of years ago something that looked almost like a nipple, but clearly wasn't, caused a major change in the entire U.S. broadcasting industry because of all the people whose "feelings" the wardrobe malfunction had caused to be hurt.

This has caused companies to be very careful about keeping anything that could possible hurt "feelings" out of their offices and off of their computers. Where I work, we usually just leave the computers turned off ....