RE: Oh Dear, Where to start?!

[tony tony <tonytorri () yahoo com>]

Alex and Steve,

I would not do what Alex recommends.  You cannot go in like a commando and
start changing everyone os, desktop configuration, apply dhcp/dns, without
doing an impact analysis on current application and LAN connectivity
requirements the current users have.  The last thing you want to do is create a
"denial of service" situation where nobody can do his or her job.  

You need to carefully analyze what needs to be done, determine what impact it
will have, make small changes and make sure nothing breaks, then take another
small step, etc.


--- AKaasjager () enertel nl wrote:
> > So basically, if you had to start from nothing, where
> > would you start first? What would you consider to be
> > the most important things to be implemented? I am
> > literally working from ground zero here... heh!
>
> Ahhh... the joys of being a sysadmin :-)
>
> If I were you, I'd first of all put a lock on any machine that is
> offering services to all users - and I mean a physical one.
> (You'd be surprised how many people consider themselves admin/root
> just because they have a PC at home...)
> Then I'd start securing those servers on software level, followed
> by migrating any services offered by users' machines.
>
> Set a standard OS version, create a locked down version of it
> and apply imaging software like Norton's Ghost - if at all
> possible. One standard config makes tech support so much easier!
> BTW: apply DHCP/DNS in the network, I'm afraid all those people
> have their own IP/hosts setups....
>
> I know it's not very detailed, and lacks in more specific info;
> but I hope its helpful anyway!
>
> Good luck!
> Alex
>  
>
>
> #***************************************************************************
> # 
> # Dit e-mailbericht met eventuele attachments is uitsluitend bestemd voor de
> # geadresseerde(n) en bevat mogelijk vertrouwelijke gegevens en/of is
> # beschermd door intellectuele eigendomsrechten. Bent u niet de
> # geadresseerde, neemt u dan zo spoedig mogelijk contact op met de afzender
> # en verzoeken wij u het e-mailbericht en eventuele attachments van uw
> # computer te verwijderen. Elk gebruik van de inhoud van dit e-mailbericht
> # en eventuele attachments (waaronder verveelvoudiging, verspreiding of het
> # anderzins openbaar maken in welke vorm dan ook) door andere personen dan
> # de bedoelde geadresseerden is verboden. De weergegeven mening is puur
> # persoonlijk en hoeft niet noodzakelijk over een te komen met die van
> # Enertel. Enertel is niet aansprakelijk voor de inhoud van dit
> # e-mailbericht en eventuele attachments.
>
>
>
> ---------------------------------------------------------------------------
> Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
> The Gartner Group just put Neoteris in the top of its Magic Quadrant,
> while InStat has confirmed Neoteris as the leader in marketshare.
>      
> Find out why, and see how you can get plug-n-play secure remote access in
> about an hour, with no client, server changes, or ongoing maintenance.
>           
> Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
> ----------------------------------------------------------------------------


=====
Tony Torri CISSP, CISA, CDP, CIA
Senior IS Security & Risk Manager
360.906.7893 (Work)
Northern Telecom LLP

__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com

---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------