[ISN] UK: Hide Behind a Firewall to Beat Cyber Criminals

From: mea culpa (jerichoat_private)
Date: Mon Aug 03 1998 - 21:44:16 PDT

  • Next message: mea culpa: "[ISN] Long-filename email exploit reply"

    Forwarded From: Nicholas Charles Brawn <ncb05at_private>
    COMPUTER crime in Britain is doubling every year. And as the number of
    corporate networks reaches record levels, thousands of companies routinely
    fail to implement security measures to prevent theft of information and
    corruption to systems. 
    No organisation seems safe as hackers wreak havoc to systems across the
    corporate and public sectors. According to a recent survey by the
    Department of Trade and Industry, security lapses have cost companies #1.5
    billion since 1992. During this period, the cost of an average security
    breakdown soared from #2,000 to #9,000, with the single most expensive
    reported incident a #1.2 million fraud in an insurance company. 
    Computer security is slowly being forced to the top of the corporate IT
    agenda. Today, protection goes beyond locking confidential floppy disks in
    a desk drawer. Encryption, virus protection and firewalls are playing an
    increasing role in these companies' armouries. 
    Networks have enabled organisations to increase their productivity and
    efficiency by managing the flow and access to information. Businesses are
    increasingly utilising the internet to improve processes and firewalls
    represent the net-work's first line of defence against intruders.  These
    software and hardware barriers stand between the private, internal network
    and its connection to the outside world, such as the internet. The
    firewall provides an extra layer of protection and regulates and controls
    The firewall can be configured in such a way as to restrict individual
    from sending e-mail out of the company and barring them from having access
    to the internet. External access may also be limited as few companies
    would allow access to files and information by the general public or
    competitors.  As the pace of technological development accelerates, there
    are an increasing number of firewall technologies available. For example,
    simple packet filters will deny access to any piece of information where
    the source and destination address has not been authorised by the system.
    To set up the filters, you need to define a set of rules for the filtering
    code. This will allow the system to decide whether the packet should be
    allowed to pass or not. 
    On the other hand, proxy-based systems provide additional security. They
    also offer multiple authentication mechanisms and network address
    translation (NAT). 
    NAT allows internal internet addresses, or internet protocols, to be
    hidden. Packets sent from a host behind the firewall will appear to have
    been sent from the firewall's external address. This makes the sender
    invisible to the internet, which makes it difficult for hackers to track
    down the network information and addresses required. 
    Stateful inspection is the most sophisticated technology available. 
    Firewalls modelled around this technology interrogate the packets based on
    source, destination, protocol and communications port. 
    Addressing external threats is only half the battle, however. The greatest
    threat to privacy often comes from internal users. Disgruntled employees
    and saboteurs with limited authorised access to the network can often do
    more damage than someone accessing the system through the internet. 
    Sometimes, computer security problems can even involve individuals with
    legitimate access to the system who just do the wrong thing at the wrong
    To combat such internal threats, security should be considered from the
    outset. It should not be seen as just another aspect of the system that
    can be thought about at the last minute and added at the end of the
    project.  The long-term needs of the system must also be assessed. While
    the physical configuration of the network and the software may be
    sufficient for today's requirements, the question is whether you will be
    able to accommodate a major upgrade in two years. 
    Networks are playing increasingly mission critical roles in most
    organisations. By failing to properly address security, companies expose
    themselves to incalculable risks. Assessing the potential exposure and
    developing measures to tackle the risks will secure the competitive
    advantage achieved from a well-managed networking environment. 
    SCOTSMAN 22/07/98 P6 
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:00:10 PDT