• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Network Assesment

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Computer Forensics and Incident Response

View previous topic :: View next topic  
Author Message
duster
Just Arrived
Just Arrived


Joined: 06 May 2005
Posts: 0


Offline

PostPosted: Tue Jan 22, 2008 4:39 pm    Post subject: Network Assesment Reply with quote

This is a question for all the security admins out there. I would like to know the steps that you all perform and the tools used in assessing a network for security threats, intrusion, etc. Given this senerio how would you assess this network. 200 windows 2000 client. 5 cisco switches, 40 win2003 servers, 300 remote users. cisco vpn concentrator, pix firewall. 10 remote offices. Any advice will be appreciated
Back to top
View user's profile Send private message
The_Real_Gandalf
Trusted SF Member
Trusted SF Member


Joined: 14 Apr 2004
Posts: 0
Location: Athens,Greece

Offline

PostPosted: Wed Jan 23, 2008 1:11 pm    Post subject: Reply with quote

use a very good IDS , focusing on switches and routers , since the systems are way too much to handle one-by-one.

If you are able though to monitor protocols and ports/services, then you have done 90% of the job.

Gandalf
Back to top
View user's profile Send private message Visit poster's website AIM Address
Fracker
Just Arrived
Just Arrived


Joined: 23 Apr 2008
Posts: 0


Offline

PostPosted: Fri May 02, 2008 8:25 am    Post subject: Reply with quote

Good IDS deployment also need an assessment i guess!!

@Question

Network Assessment is based on your network architecture, if your network has the points where most of the communication has to pass, than i guess deploying IDS on those points will do the most of the Job. But still without reviewing these

For network Devices

1) Reviewing the Architecture, Designs (Especially ACLs, Zones, Policies) of the network
2) Reviewing the changes management details
3) Reviewing the Logs

You can never say it is even closed to complete.
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Computer Forensics and Incident Response All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register