Identifying enterprise network vulnerabilities
暂无分享,去创建一个
T his article is the third of the series on risk assessment. In the first article, we briefly discuss frame relay network versus leased lines, network management life cycle and a risk management program. We show how coordinated denial-of-service can attack a network. The second article looks at whether to identify assets or threats as the first step in risk assessment. In future articles, we will cover safeguards and the cost effectiveness of implementing them. In this article, we will talk about identifying vulnerabilities in an enterprise network environment. As vulnerabilities are inherent in distributed networks, the world cannot afford to have network resources adversely affected by coordinated denial or service and other Internet attacks. According to CERT Coordination Center (CERT/CC), the number of vulnerability reports rose from 171 in 1988 to 1090 by 2000 and 633 by the first quarter of 2001. As we enter 2002, we will see more than 2500 database entries. The data base will grow to accommodate new reports, as enterprise network systems become more complex, widespread and more susceptible to attack. Regardless of its size, a distributed network introduces the need to focus attention first on physical security and then the risk of unauthorized access to a system that, particularly runs unnecessary services, has not periodically removed temporary files or has not been configured properly. Hackers have used dialup telephones, network technologies and password guesswork to gain illegal system access. They exploit weaknesses in software access controls to enter different systems. In another instance, many network system administrators (and Internet software developers) leave their machines up and running and accessible by distributed networks 24 hours a day, seven days a week. They give hackers many more opportunities to break into a system (or an entire suite of systems). Network intruders, in addition, are constantly updating their attack technology in order to compromise or destroy corporate information systems across the geographical borders. One way of protecting your corporate information systems is to reduce, mitigate or eliminate the risks of actual threats from occurring. To do so, you need a good risk management program and should treat it as number one priority when you consider a security policy on network management. If you already have the program in place, review and update it to reflect more flexibility in identifying assets, threats, vulnerabilities and safeguards in response to emerging and improved network technologies.
[1] Marian Myerson. Risk management processes for software engineering models , 1996 .
[2] Caroline R. Hamilton. New Trends in Risk Management , 1998, Inf. Secur. J. A Glob. Perspect..