
Members offer security advice: Hack yourself before somebody else does

When Ed Bott posts a challenge, TechRepublic members rise to meet it. This week, Ed reveals the best responses to his challenge concerning preventive security measures, from security audits to a guy in a back office.


Last month, in the same week that Microsoft rolled out a nationwide ad campaign touting the reliability of its Windows 2000 server software, the company's Web servers went offline. For the better part of several days, customers were unable to reach Microsoft over the Web for technical support, product updates, and other information. Microsoft blamed the initial outage on an employee who misconfigured a router but acknowledged that subsequent outages were part of a denial-of-service attack.

For Microsoft, the result was embarrassment and lost revenue. For your company or mine, a direct attack on a Web server could be catastrophic. So I challenged TechRepublic members to come up with preventive measures. How do you test your system to make sure it's as safe as possible? Can you recommend software, hardware, or services that can identify security issues before they become problems? What kind of procedures do you have in place to make sure that the latest patches are applied to Web servers?

Several responses suggested visiting Steve Gibson's Web site, Gibson Research Corporation. That's a fine idea for ordinary Windows users, but Steve would be the first to admit his site isn't intended for Web server administrators. The same applies to the many TechRepublic members who recommended ZoneAlarm, a personal firewall that's great for desktop use. (I covered this topic last year in a column called “Home security.”)

Two TechRepublic members nailed the issue with specific advice for network and Web server administrators and deserve to split the TechPoints I've set aside for this question:

Bule offers this commonsense advice: "The best way to retain your network security is to do frequent security audits, including trying to gain access using easily available hacking tools.

"Ensure that you only run the services you need and only open the ports needed by your network. Your gateway to the Internet should be a system without any important company data or a hardware solution backed up by a firewall. Set up Windows Update notification for the server and have a backup server ready when you need to run the update.

"Always check security bulletins and consider joining 'hacking' mailing groups to find out what's happening on 'the other side' of computer security. The main thing is to regularly test the security yourself...then you know what to find solutions for."
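The "only run the services you need and only open the ports needed" check can be made repeatable by comparing a server's listening sockets against an approved list. The following is an added example, not part of the original column or of any member's reply; the sample `netstat -an` output and the allowlist of TCP 80 and 443 are constructed assumptions.

```python
import re

# Constructed sample of `netstat -an` output from a Windows web server.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1433         0.0.0.0:0              LISTENING
  TCP    10.0.0.5:80            203.0.113.7:51234      ESTABLISHED
  TCP    [::]:3389              [::]:0                 LISTENING
  UDP    0.0.0.0:161            *:*
"""

# Assumed policy for this example: the only ports the server should expose.
ALLOWED_PORTS = {("TCP", 80), ("TCP", 443)}
LOOPBACK = {"127.0.0.1", "[::1]"}

# proto, local address, local port, foreign address, optional state column
LINE = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+(\S+))?\s*$")


def listeners(netstat_text):
    """Yield (proto, address, port) for every socket accepting traffic."""
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # header or unrelated line
        proto, addr, port, _foreign, state = m.groups()
        # TCP must be LISTENING; UDP has no state column, so any bound
        # UDP socket counts as reachable.
        if proto == "TCP" and state != "LISTENING":
            continue
        yield proto, addr, int(port)


def audit(netstat_text, allowed=ALLOWED_PORTS):
    """Return sorted (proto, port, address) findings outside the allowlist."""
    findings = set()
    for proto, addr, port in listeners(netstat_text):
        # Loopback-only listeners are not reachable from the network.
        if addr in LOOPBACK or (proto, port) in allowed:
            continue
        findings.add((proto, port, addr))
    return sorted(findings)


if __name__ == "__main__":
    for proto, port, addr in audit(SAMPLE_NETSTAT):
        print(f"unexpected listener: {proto} {addr}:{port}")
```

Run on a schedule and after every configuration change, a non-empty result is the cue to disable the service or document why the port belongs on the allowlist.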

DLW6 shared specific recommendations and enthusiastically endorsed several products from Internet Security Systems. "They offer proactive security assessment scanners, real-time intrusion detection sensors, and security management tools that collate and interpret all the data generated by the scanners and sensors.

"Their network assessment tool is the Internet Security Scanner. It probes all the machines on your network, returning reports on each machine's vulnerabilities that can be tailored to several levels of details, from graphs and charts for managers to multipage 'how to fix it' reports for technicians. It can be configured to scan in many predefined ways or a custom scan based on one of the predefined profiles. They also offer a Database Scanner and a System Scanner to provide detailed assessment at the local machine level.

"Their intrusion detection suite includes the RealSecure Manager, which provides an easy interface to control the sensors that monitor the network, OS, and servers. Each sensor can monitor for user-configurable types of activity and make user-configurable responses in real time, according to predefined or customized templates.

"Their products are easy to use, regardless of your level of proficiency with network security. Their R&D team stays on top of new vulnerabilities and attack forms, issuing alerts and product updates as required. These are very smart people who love their work."

Great recommendation. My favorite advice was this tongue-in-cheek recommendation from TechRepublic member Web Maxtor: "I find my best security tool is the guy named Craig who works in a cube in the back of my office. His extension number is 1226. After implementing any sort of network change, I casually mention it, in passing, to Craig. If the next day, Craig is smirking, I give him five dollars to tell me how he did it."

I'll let you know when they've found a way to shrink-wrap Craig.

Here's Ed's new Challenge
Every technical professional and Windows developer I know raves about VMware. This application, which runs under Windows NT/2000 and Linux, creates "virtual machines" into which you can install different operating systems, including any Windows version. I've tried VMware, but I'm disappointed by its performance. It takes forever to load, and it seems to creep along at a snail's pace. So I'm challenging TechRepublic members to help me come up with useful tips for configuring and tweaking VMware. If you use VMware, share your experiences with other TechRepublic members and earn a share of the 2,001 TechPoints I've set aside. Be specific, and if you have references to external information sources, be sure to include them! If you think you're a VMware expert, click here to tackle this week's Microsoft Challenge.