Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Web access and e-mail gateway policy

from [Alvin Oga] Network Security [Permanent Link]
Subject: Re: Web access and e-mail gateway policy
Date: Mon, 21 Mar 2005 19:46:11 -0800 

hi ya nik

On Sun, Mar 20, 2005 at 08:52:38PM +0100, Niklaus Schild wrote:


I?m looking for examples and ideas on how to setup some special 
policies, which I?ve never seen in the web so far. The policies I?m 
looking for should guide as a reference for configuring web access and 
an e-mail gateways.


good start for the policy .. but it only covers say 10% of the
"email/web" policy that you'd need

more importantly, for each of those items, you will need to implement
a solution to perform that task and another solution to enforce
that rules and deal with violations of the rules/policy

i'm curious .. is this setup for home or work ??

if for work, its lacking .... if its for home ... it might be a good
start 

how to implement those rules.... some are "free" and already part
of the distro ... other rules are user defined and you have to add
software/perl/xxx-apps to perform the tasks you specified

more important .... bad-boy-pete decides to bypass your rules ... 
now what do you do ?? and how ???

-- the question/problem is that we cannot do those things for you ...

        and i think if you want it solved, either youhave to sit
        down and implement each fo those rules or hire someone
        to implement your "policy rules" for you .. including
        the other 90% of the rules you didn't mention

        - backups, passwds, xxx content, you-been-hacked-now-what,
        people walking out with PC, dhcp, wireless, ...
        firewalls, routers, ... on and on ..

c ya
alvin



The policy should consider the following issues:
 

Web access gateway:
-       scanning of downloaded content
-       blocking of certain file types
-       blocking of certain site categories
-       what happens with infected content
-       log and quarantine management
-       alerting
-       configuration responsibilities
-       configuration change procedure 

e-mail gateway:
-       scanning of e-mails and attachments
-       handling of spam
-       restricting attachment size and type
-       handling of infected attachments
-       log and quarantine management
-       alerting
-       configuration responsibilities
-       configuration change procedure

any other ideas, considerations or suggestions? Thanks in advance!

Nik
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: OT:basic VPN question, bpmlist
Next by Date:  Re: Web access and e-mail gateway policy, Niklaus Schild
Previous by Thread:  Web access and e-mail gateway policy, Niklaus Schild
Next by Thread:  Re: Web access and e-mail gateway policy, Niklaus Schild
Indexes:  [Date] [Thread] [Top] [All Lists]