Firewall Wizards mailing list archives

Re: Altavista v TIS toolkit on Linux, which is better?


From: Ted Doty <ted () iss net>
Date: Fri, 14 Nov 1997 08:52:40 -0500

At 12:24 PM 11/12/97 +0000, Chris Booth wrote:

[details on configuration deleted]

> We don't have much money so I use as much freeware as possible, and I don't
> have *any* time.

At the recent cyber crime conference in Washington DC, Jim Settle (former
head of the FBI computer crime squad) made the following recommendations
on how to move from a 20% security level to 80%.  These include:

Move to one-time passwords (e.g. s/key)
Implement password management schemes (e.g. passwd+)
Encrypt sensitive/proprietary information (e.g. PGP)
Implement network monitoring tools
Use vulnerability tools regularly against your own network (e.g. COPS, SATAN II)
Run war dialers at least every 6 months
Hot test disaster recovery plans
Perform regular penetration testing, and use outside consultants to verify results
Establish an Incident Response procedure
Establish an Incident Response Team
Secure network elements owned by 3rd parties (such as ISP supplied routers)

Note that almost all of these can be had for free, less the time needed to
set them up.

The key quote for your situation: “Most networks can move from the 20%
level of protection to the 80-90% level by allocating $50,000 a year for
3-5 years.”

Relating this back to your original point, namely a lack of money combined
with a lack of time, your best bet likely is to get another administrator
to help out.

- Ted

--------------------------------------------------------------
Ted Doty, Internet Security Systems | Phone: +1 770 395 0150
41 Perimeter Center East            | Fax:   +1 770 395 1972
Atlanta, GA 30346  USA              | Web: http://www.iss.net
--------------------------------------------------------------
PGP key fingerprint: 362A EAC7 9E08 1689  FD0F E625 D525 E1BE


