|
|
|
google unix.com
|
|||||||
| Forums | Register | Forum Rules | Links | Albums | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Interview: Do your assets look fat in your datacenter? | iBot | Solaris BigAdmin RSS | 0 | 01-23-2009 09:30 AM |
| Microsoft Surface | iBot | Complex Event Processing RSS News | 0 | 12-14-2008 10:50 AM |
| reducing /usr HP-UX 11i | elshamy_s | HP-UX | 2 | 02-14-2008 11:23 PM |
| Financial group trusts Linux platform to protect customers' assets | iBot | UNIX and Linux RSS News | 0 | 01-10-2008 05:20 PM |
| Linux MPX Multi-touch Table May Become Free DIY Microsoft Surface ... - Gizmodo.com | iBot | UNIX and Linux RSS News | 0 | 07-16-2007 03:10 PM |
 |
Powered by 
|
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
|
|
07-31-2009
|
|||||
|
|||||
|
Defending Information Assets by Reducing the Attack Surface
The best way to protect an Information Asset is to reduce its attack surface. And that should always be the first line of defense. We should also implement appropriate security controls to avoid any attacks on the residual risk and to mitigate the amount of damages.
The first and most important step in reducing the attack surface is to identify the Weakness / Vulnerabilities on an Information Asset. Steps in Identifying the Vulnerabilities include: 1. Identifying vulnerabilities in the Application 2. Identifying vulnerabilities in the Host 3. Identifying vulnerabilities in the Network Once the vulnerabilities are identified, the next step would be reducing the attack surface. There are many ways to reduce the attack surface of an information asset including but not limited to: 1. Limit access to the Information Assets. 2. Limit Privileges (Enforce Least Privilege policies) 3. Reduce number of services installed on the device (Remove or shutdown unwanted services) 4. Limit the number of communication Protocols A Narrowed Attack Surface will reduce the likelihood of an attack and mitigates the extent of damage even if an attack occurs. Access to an Information Asset can be limited by enforcing strong access control methods. Access to an Information Asset can also be limited by reducing the entry points (console access, ports etc.,). Unwanted ports and protocols should be disabled on all information systems. Critical Applications should only be installed on a dedicated systems and all unwanted ports, services should also be disabled. I will be discussing various methods we can follow to identify vulnerabilities and to reduce the Attack Surface in Applications, Hosts and Networks in the next 3 posts. Part 1: Identify and Reduce Attack Surface in Applications Part 2: Identify and Reduce Attack Surface in Host Part 3: Identify and Reduce Attack Surface in Network Disclaimer: "What ever I discussed here are my personal opinions and they do not represent the opinions or positions of my employer". More... |
|
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Hybrid Mode
