Network Security: Don’t Trust And Verify – IT Jungle

October 21, 2020Rich Loeber

(Sponsored Content) When your system is connected to a network, you cannot always guarantee the integrity of the person at the far end of a network connection. If your system is connected to the Internet, ethics go out the window altogether. You have to assume that the person at the far end is a bad guy, then proceed from there. With this tip, well outline an approach to this problem that may help you to focus in on how to deal with the bad guys wherever they may be.

Internet bad guys generally fall into two categories, sneaks and bullies. The bullies you can probably identify easiest, they are the ones who go after your system with active attacks. They will try to break into your system, trying just about everything in the book. On our test IBM i server in the office recently, we had a bully come by who tried to log on using over 700 different user profiles in a period of five minutes. Each logon attempt was met by ourSafeNet/i exit point softwareand tossed out right at the point of entry with a security warning message to our security officer for each try. The user profiles were all different and all typical of what you might expect to see in just about any shop in the country. When bullies come after you, they do it with brute force. They can try to spoof your system, guess your passwords, deny others from using your system by keeping it overly busy dealing with their break-in attempt, and much more.

The sneaks are a lot more passive. Sneaks will sit back and monitor network traffic to your system and try to uncover secret information that will then give them what they need to gain access to your system normally. Sneaks are very hard to identify and the have insidious tools at their disposal to get the information they want. This can even include Trojan horses that gather the information for them. Since sneaks are so hard to identify, you should plan your security strategy assuming that someone is always watching your system.

To guard your system against both sneaks and bullies, you need to think about how to layer your system defenses to guard against anything and anyone. If your system is connected to the Internet, you must assume that a sneak or a bully is going to attempt to gain access and plan accordingly. The best defense is always a good offense and you should consider the various layers of your system and have a plan to deal with intruders at every level. This layered approach will help you develop a good defense. The layers you should give consideration to include:

In your plan for network and Internet security, you need to have a plan for each of these layers of control in order to safeguard your system. And, even then, a bully or a sneak might still get past you, so watch out.

If you have questions about details of this tip, feel free to contact me directly by email: rich@kisco.com.

Rich Loeber is president of Kisco Information Systems.

Why You Need To Implement Exit Point Security Now

Whos Watching i? The Kisco, Kid

Budget Relief For IBM i Monitoring Software

Customers React Positively to IBM i Alerting Tool from Kisco

Kisco Debuts Sub-$400 Message Monitor

Kisco Bolsters Network Socket Security

Dont Overlook These Network Auditing Improvements in IBM i 7.3

Kisco Rolls with 2FA, Revs Network Security Tool

Boost Your IBM i Security by Tracking Config Changes

Kisco Hooks SafeNet Into IBMs SIEM

Kisco Gives IBM i Security Tool a Web Interface

Tags: Tags: 5250, IBM i, Kisco Information Systems, Secure Sockets Layer, SSL

IBM i PTF Guide, Volume 22, Number 42Four Hundred Monitor, October 14

Read this article:
Network Security: Don't Trust And Verify - IT Jungle

Related Posts

Comments are closed.