US expert: The military should guard our cyberspace borders

[InfoSec News <isn () c4i org>]

http://star-techcentral.com/tech/story.asp?file=/2002/1/16/technology/16dod&sec=technology

Wednesday, January 16, 2002
By M. MADHAVAN 

KUALA LUMPUR: Malaysia's information technology infrastructure must be
watched and patrolled by a central body that should include the
Defence Ministry, according to a national security expert at US server
giant Sun Microsystems Inc.

The ministry should look out for any breaches because any damage to
the national infrastructure could cripple the country, said William
Vass, Sun Microsystems corporate software systems IT vice-president.

We are also just a step away from tying many real-world
infrastructures, such as traffic lights, to an Internet Protocol (IP)  
based network, and damage to this type of network would disrupt
people's lives, he said.

The Defence Ministry can translate many of its real-world experience
to the virtual world of cyberspace, such as how to recover from an
attack, Vass said.

The United States sees the breach of any IT infrastructure as
seriously as a physical breach, and this is the main reason its
Defence Dept watches over its networks.

And since the department’s website is one of the most popular targets
for hackers, the lessons it has learnt are used to help beef up the
nation’s security, said Vass, who was previously with the US Secretary
of Defence.

However, to get the Defence Ministry involved would not be easy as it
would probably have to set a special IT department, and this would
involve a substantial investment, Vass told In.Tech.

However, a country’s IT infrastructure is important, and since it will
become even more important in the future, any such cost would be
justified, he added.

The process Vass, who has had more than 20 years’ experience in the
security arena, said that security in any organisation is heavily
dependent on the process of implementing security measures, rather
physical hardware alone.

For instance, if an IT department does not apply patches to its
operating system and firewall in a timely manner, it could jeopardise
the security of its network, he said.

“It is just like the real world – you can have the best security
system in the world but if you don’t turn it on properly, it is of no
use,” he said.

He advises organisations to have at least of three layers of firewalls
made up of different brands that can co-exist together, to protect
themselves from hackers and malicious viruses.

Three firewalls are necessary because a hacker who knows the weakness
of one type of firewall, may be unable to overcome another type, he
said.

Out of the three firewalls, at least one should be a hardware
firewall, while the other two should be software-based.

Hardware firewalls are fast and are good for real-time scanning to
weed out any suspicious data traffic, without dampening the speed of
the network.

Unlike a software firewall, a hardware firewall is not dependent on an
operating system and would not carry any flaws present on the
operating system, Vass noted.

However, because hardware firewalls are not highly customisable, the
nitty-gritty of scanning for intrusion should be left to a software
firewall which is 'infinitely' more customisable, he said.

On the operating system side, he advised organisations to rely on
Unix-based operating systems like Linux and Sun Microsystems’ own
Solaris, because they have very good security measures.

Unix operating systems are built from ground up with security in mind,
he claimed.

Solaris, for example, comes in a “hardened version” where most of the
default settings exploited by hackers, such as guess accounts, are
turned off, Vass said.

It makes it little harder to set up a hardened Solaris, but it is much
more secure, he said.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.