Hi guys,
I'm thinking about getting a Linux and security cert. Would CompTIA Security and
Linux Plus be the best to start with? Also, do you guys ever get together as a
group?
On Monday, April 4, 2016 5:02 AM, Edmund Cramp <[email protected]> wrote:
> Would you care to share without giving away the store a broad definition of a
> locked-down network?

I’ll post our setup for comment:

Our first line of defense is the firewall – which, from the outside, is drop
all by default with only the ports needed for specific services open - and
those ports only go to the machines that need them.

The second line is the mail server – everything goes through the AV filter
(Kaspersky), obvious infections are refused at the mail server and anything
that gets past the AV filter is then content filtered – all mail with a .exe,
.src, .docx, .xls, .xlsx, .bat, html attachment etc (the list is long), or a
zip file that is password protected is quarantined. Anything that gets through
both the AV and content filter goes through Spam Assassin before it reaches the
user's mailbox.

The third line of defense is that NOBODY has default administrative privileges
on any Windows PC and all PCs are patched up to date and run Windows Defender.

And finally – Smart Users who are very skeptical of social engineering, “Hi
Jane, this is Ben. I need to transfer money to a customer ASAP to seal this
deal, what’s the Wire Transfer password” and sudden emails from friends with a
one line hyperlink.

So that’s the defense but it’s not “locked down” by my book – these are the
weaknesses that I see in our network:

1. PDF files are allowed into the network – these are not a huge threat at the
   moment; I hear stories of spear phishing with PDFs but I don’t think we rate
   that high in anyone’s interest.
2. JavaScript – I try to keep this off the systems but so many things use it
   that we install it on demand and try to remember to remove it afterwards.
3. Flash – Again, remove on sight but sometimes it has to come back for one web
   site or another.
4. Drive-by (ad network based) infections – all PCs have three browsers
   installed, Firefox with AdBlockPlus and NoScript for default and general
   use, Chrome for when you want to access a site without ABP and NS, and
   Internet Explorer for anonymous use (no history, no cookies, everything
   deleted on exit).

Backups currently work like this but I’m thinking about changing this in light
of the ransomware threat:

- The main NAS is backed up off-site in real-time.
- A daily backup of the NAS is pulled via Rsync to another machine every night
  at midnight with each day stored separately for 5 days of history.

Regards,
Edmund Cramp
--
"HTML's a cheap whore. Treating her with respect is possible, and even
preferable, because once upon a time she was a beautiful and virginal format,
but you shouldn't expect too much of her at this point."
_______________________________________________
General mailing list
[email protected]
http://brlug.net/mailman/listinfo/general_brlug.net
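
Added example, not part of the original thread or of the poster's mail server configuration: the attachment content-filter rule described in the quoted message (quarantine on a listed extension or a password-protected zip), written in Python. The extension set is copied from the post as written; the function names and the sample messages are constructed for illustration.

```python
import io
import os
import zipfile
from email.message import EmailMessage

# Extensions copied from the post as written ("the list is long").
BLOCKED_EXT = {".exe", ".src", ".docx", ".xls", ".xlsx", ".bat", ".html"}

def zip_is_opaque(data: bytes) -> bool:
    """True if any member is encrypted (flag bit 0) or the archive is unreadable."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(info.flag_bits & 0x1 for info in zf.infolist())
    except zipfile.BadZipFile:
        return True  # cannot inspect it, so fail closed

def verdict(msg: EmailMessage) -> tuple:
    """Return (action, reason) for one parsed message."""
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        ext = os.path.splitext(name)[1]  # last extension, so a.pdf.exe -> .exe
        if ext in BLOCKED_EXT:
            return ("quarantine", f"blocked extension {ext}")
        data = part.get_payload(decode=True) or b""
        # Check by extension and by magic bytes, so a renamed zip is still opened.
        if (ext == ".zip" or data[:4] == b"PK\x03\x04") and zip_is_opaque(data):
            return ("quarantine", "encrypted or unreadable zip")
    return ("deliver", "no blocked attachment")

def make_msg(fn: str, data: bytes) -> EmailMessage:
    """Constructed sample message carrying a single attachment."""
    msg = EmailMessage()
    msg.set_content("see attachment")
    msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=fn)
    return msg

def make_zip(encrypted: bool) -> bytes:
    """Constructed zip; 'encrypted' sets flag bit 0 in the central directory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("notes.txt", "hello")
    raw = bytearray(buf.getvalue())
    if encrypted:
        raw[raw.rfind(b"PK\x01\x02") + 8] |= 0x01
    return bytes(raw)

if __name__ == "__main__":
    for fn, d in [("report.xlsx", b"x"), ("a.zip", make_zip(False)), ("b.zip", make_zip(True))]:
        print(fn, verdict(make_msg(fn, d)))
```

A PDF attachment passes this rule, which matches weakness 1 in the post.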