Articles
Writers

How to Enhance Computer Network Security

What Administrators can do to Minimize Risks and Protect Servers

© Fleur Hupston

Sep 8, 2009
Computer Network Security, McBride2008
The network administrator is responsible to ensure that there is a secure network. A closer look at proxy servers, internal hackers and network security solutions

There are a number of measures a Network Administrator can take to enhance network security within the company.

Proxy Server Security

A proxy server connects to the Internet on behalf of the users and serves the web pages to them as they request. A proxy server will also keep pages in cache and serves these pages to other users without connecting to the Internet to save on bandwidth.

Another advantage of implementing a Proxy server is that the Administrator has more control over who accesses the Internet and when. The Administrator can also block objectionable web sites if he wishes. Users often pick up computer viruses by visiting non-work related websites, networking security will limit this risk.

The Network Administrator should also take care to close the ports that are used for Internet browsing (in particular port 80) on the firewall, except for use by the Proxy server itself. For example, if port 80 were left open for all traffic thought the firewall, a user might be able to circumvent the proxy server without anyone knowing about it. On the other hand, closing port 80 forces users to use the proxy server.

Typically a proxy server will give the Network Administrator reports which will allow him to see dangerous trends developing amongst Internet users, whether it be the time spent on the Internet or the type of sites visited.

Protect Servers From Internal Hackers

Since most hacking comes from within the company where security is more lax, it is imperative that a Network Administrator take steps to limit this risk. Here are a few things a Network Administrator can do to enhance computer network security within the company.

  • Physically secure the company servers behind locked doors. Limit the access to these servers to a few authorized personnel.
  • View server log files for evidence of suspicious activity like multiple logon failures. This could be a sign that someone is trying to hack in. Often it is not “what you see” but “what you don't see”, so check log files to see if there are chunks missing. Hackers will attempt to cover their tracks by deleting out evidence in log files. Missing entries could indicate the presence of a hacker.
  • Install hacker detection software. The package “Tripwire” is a well know utility that will alert the Network Administrator is someone tries to hack into the server.
  • Keep all Servers up to date with the latest security updates.
  • Change the administrator “username” on Microsoft Servers so that a hacker will have to guess the “username” and the “password”. Keep a user call “administrator” but give that user no rights to the server.
  • Unfortunately, on Linux servers, the “root” username can't be changed. The user “root” is the Linux equivalent of “administrator”. In view of this, disable remote login for the “root” user. Rather log in remotely as a normal user, then switch to the root user once connected. Never leave a remote session open when unattended.
  • Ban the use of so called ethical hacking tools within the organization. If anyone is caught using these tools without permission, their motive can then be questioned. The Linux tool “nmap” is an example of this. Nmap is a port scanner, allowing the user to see which ports are open on a server and thus highlighting possible vulnerabilities.
  • Always log off once finished with an administrative session. Use a superuser account where possible to preform administrative tasks.
  • Linux server administrators should check the “/etc/passwd” file on a regular basis for any user other than root that has a user ID or group ID of “0”. Some administrators give other users root's user ID of “0” as a way of giving ordinary users root privileges. Be aware that this practice is not advised. There are other, more secure ways of giving users access to preform certain administrative tasks.
  • As an extreme precaution take away CDROMS, floppy drives, keyboards, mouses and monitors from servers that don't require physical access.

Many companies overlook the security risks coming from within their organization since the the perception is that the greater risk comes from outside. The biggest risk however, comes from disgruntled or unethical staff members seeking to do damage to the company or steal data for the opposition. The Network Administrator should analyze these potential risks on a regular basis.

Source:

Peter Hupston, Linux Network Administrator, 7 September 2009

More Articles on Network Security that May Interest the Reader:

Internal Network Security Solutions - Identifying Risks

How to Implement a Network Security Solution


The copyright of the article How to Enhance Computer Network Security in Computer Hardware/Accessories is owned by Fleur Hupston. Permission to republish How to Enhance Computer Network Security in print or online must be granted by the author in writing.


Computer Network Security, McBride2008
The Network Administrator Can Block Sites, Continuinged
Network Security Solutions , Steven3011
    


Post this Article to facebook Add this Article to del.icio.us! Digg this Article furl this Article Add this Article to Reddit Add this Article to Technorati Add this Article to Newsvine Add this Article to Windows Live Add this Article to Yahoo Add this Article to StumbleUpon Add this Article to BlinkLists Add this Article to Spurl Add this Article to Google Add this Article to Ask Add this Article to Squidoo




about us Limelight Blog freelance writing jobs careers press room Site Map Terms & Conditions Privacy Policy