Password Cracking Procedure

by Posted in 2. IT Security (資訊保安), 2.2 IT Security Operation (保安操作) Tagged

1      Introduction

1.1    Overview

Passwords are used in almost every interaction between users and information systems. Most forms of user authentication, as well as file and data protection, rely on user-supplied passwords. Since properly authenticated access is often not logged, or even if logged not likely to arouse suspicion, a compromised password is an opportunity to explore a system from the inside virtually undetected. As attacker would have complete access to any resources available to that user, and would be significantly closer to being able to access other accounts, nearby machines, and perhaps even administrative privileges. Despite this threat, accounts with bad or empty passwords remain extremely common and organizations with good password policy far too rare. The most common password vulnerabilities are that (a) user accounts have weak or non-existing passwords, (b) regardless of the strength of their passwords, users fail to protect it, and (c) the operating system or additional software creates administrative accounts with weak or non-existing passwords. Read More

IT Security Operation Checklist

by Posted in 2. IT Security (資訊保安), 2.2 IT Security Operation (保安操作)

Objective:

The IT Security Operation Checklist provides guidelines for IT professionals to perform the daily, weekly, and monthly maintenance and administrative tasks required to keep your infrastructure components and application systems performing optimally. In addition, a checklist is available to help IT to prepare for disaster recovery efforts,  and it helps to keep an IT system operation smoothly. The checklist divides into three sections: 1) IT Infrastructure Components Security Operation Schedule, 2) Servers Backup Operation Log, 3) MFGPRO ERP Operation Log. Take reference to the following checklists as a sample, or adapt them to suit your company’s specific needs. Read More

War-Dialing PROCEDURE

by Posted in 2. IT Security (資訊保安), 2.2 IT Security Operation (保安操作) Tagged

1.        INTRODUCTION

The presence of unsecured or mis-configured modems attached to computers on the network can undermine a well thought-out security plan. Persons unaware of the risks may set up modems on their computers that can be accessed with either non password or an easily guessed password. These modems are then vulnerable to computer criminals who “war dial,” or call numbers systematically until they find a phone number that connects to an unsecured dialup.

If a computer with an unsecured modem is connected to our network, anyone with a little computer skill and malicious intent can use that unsecured modem as a “back door” into our network. Firewalls don’t protect a network against this type of attack because the intruder comes in over phone lines, rather than over the Internet, bypassing firewalls. Read More

Oracle Password Management Policy

by Posted in 2. IT Security (資訊保安), 2.2 IT Security Operation (保安操作) Tagged ,

1        Introduction

1.1        Purpose

Company guidelines for managing passwords define the password security policy. In so doing, all personnel are responsible for maintaining good password practices in their systems.

The purpose of this document is to describe how the password management policy can be introduced and maintained in an Oracle database environment. Read More

IDS Setup and Operations

by Posted in 2. IT Security (資訊保安), 2.2 IT Security Operation (保安操作) Tagged

1      Abstract

This document covers the operation of a distributed intrusion detection system.
This manual contains the following:
Chapter 2 Intrusion Detection Procedure
A short introduction to Intrusion detection technology, the procedure around the operations, and follow-up action regarding how to record and keep trace the incident.
Chapter 3 Intrusion Detection
This chapter describes the principles and working of an Intrusion Detection system.
Chapter 4 Component Description
This chapter describes the setup of the different components used in the secure setup.
The central management server will be responsible for the management of all the components.
Chapter 5 Network Setup
The network setup describes how the different components can be placed securely in a site’s network. This is done with centralized management, log consolidation and secure communications between the systems.
Chapter 6 Snort: -Installation, Configuration and Maintenance
This chapter describes the initial installation and configuration and the periodic maintenance.
Chapter 7 Analysis of the results
Analysis of the results obtained through the different IDS sensors have to be analyzed to be useful for the site. This chapter describes the usage of the Analysis Console for Intrusion Databases (ACID)
Chapter 8 Conclusion
This chapter contains the final conclusions of this paper. Read More

ERP (MFGPro) Disaster Recovery Procedure

by Posted in 2. IT Security (資訊保安), 2.2 IT Security Operation (保安操作), 3. IT Application (應用軟件), 3.1 ERP System (資源管理) Tagged ,

1.        Purpose

The objective of this plan is to provide a guideline to the organization to continue managing the business through MFGPro and to minimize the disturbance to manufacturing operations in the event that the MFGPro system is totally unavailable and cannot be recovered within 48 hours.

The service provided during the disaster recovery is of survival nature, may not extend to every user, and may require end-users to re-enter the backlog transactions at the commencement of the disaster recovery and at re-starting of the normal operation.

The recovery option will be varied in nature depending on the cause of the outage. This may require set-up of LAN server, secondary processing center, etc. Read More

Windows and UNIX Security Configuration and Patch Update Procedure

by Posted in 2. IT Security (資訊保安), 2.2 IT Security Operation (保安操作)

1.        Purpose

Ensuring the continuity of systems that are responsible for hosting the company’s business applications is regarded as of vital importance to our sustained competitiveness. Not only should these systems be protected against the obvious external threats, such as viruses and hackers, they should also be secured against potential, and possibly more dangerous internal “threats”. The rule is that employees should never have more privileges than is necessary for their functions. This issue can be addressed by proper configuration of the systems. Configuration of systems, however, only provides a basic security level. Adapting to the dynamic IT environment requires continuous updating through service packs, hotfixes, and security patches. Figure 1. illustrates this concept. Read More

Server Room Security Procedure

by Posted in 2. IT Security (資訊保安), 2.2 IT Security Operation (保安操作)

1.        Purpose

Many large enterprises employ numerous servers to support their needs. These servers, hosting a business’ most critical applications, are often physically stored at one single location within the enterprise. This concept, commonly referred to as a server farm, provides the benefits of centralized control and management. Nevertheless, this approach has its inherent weaknesses as a collection of servers are more vulnerable to physical damage than distributed servers. This issue, however, can be properly addressed by appropriate security measures. The Company IT’s Server Room Security Procedure addresses the issue and provides policy guidelines necessary to sustain server operations. Read More