Good Survey of Network Security Software @MacITConf – Part 1

I wish I could handle the Mac, but I’ve been a PC guy since abandoning Unix (not Linux) in 1995. Because Mac OS X is based on Unix, I would like to move my computing platform there some day. That won’t be an easy task, never mind the additional investment in hardware. However, the iPhone and iPad have given me exposure to Apple’s iOS now, and I wanted to find out how Apple products are being used in the enterprise. The timely MacIT Conference discussed that very subject.

One of the sessions that caught my attention was A Survey of OS X Capable Network Security Software and What They do. The presentation was from the view of Mac OS X users, but the result was very much applicable to other platforms.

This 45-minute session was full of useful information about network security tools and processes. The following is a summary of the talk by Dan O’Donnell (@danothebeach), Information Systems Security Officer, Boeing. He covered many things, mainly in bullet form. I do not know how else to present his talk, but I added some comments and links to make the bullets more useful for my readers.

Dan O’Donnell

In any field, if you want to sound like an expert, you should know some jargon. Such jargon as data at rest and data in transit is self-explanatory. (If not, check this link.) His talk was full of jargon and acronyms. I have explained the terms below.

Standards, standard organizations, and certifications

Standards and standard organizations are important considerations for network security.

Standard organizations

  • Information Systems Audit and Control (ISACA): independent, nonprofit, global association; engages in the development, adoption, and use of globally accepted, industry-leading knowledge and practices for information systems
  • Information Technology Infrastructure Library (ITIL): the most widely accepted approach to IT service management in the world; owned by AXELOS

Related standards

  • ISO 20000: IT in general
  • COBIT, ITIL: IT processes

Certifications

Certifications useful for security experts are:

InfoSec models: computer network defense, exploitation, and attack

  • Computer network defense (CND): includes actions taken via computer networks to protect, monitor, analyze, detect, and respond to network attacks, intrusions, disruptions, or other unauthorized actions that would compromise or cripple defense information systems and networks. Joint Pub 6.0 further outlines computer network defense as an aspect of NetOps.
  • Computer network exploitation (CNE): includes enabling actions and intelligence collection via computer networks that exploit data gathered from target or enemy information systems or networks.
  • Computer network attack (CNA): includes actions taken via computer networks to disrupt, deny, degrade, or destroy the information within computers and computer networks and/or the computers/networks themselves.

Vulnerabilities

  • Known or unknown: Good articles for known vulnerabilities are here and for unknown ones here.
  • Discovery by scanning: Vulnerabilities can be found by scanning; this is a good article on this subject.
  • Passwords, ports, and protocols: O’Donnell said that rainbow tables map hashed passwords back to the corresponding original passwords for passwords up to 14 or 15 characters, so passwords at least 16 characters long are safer. A relevant article is here.

Vulnerability databases

NVD is the US government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP).

OSVDB’s goal is to provide accurate, detailed, current, and unbiased technical security information.

Continued in Part 2

Zen Kishimoto

About Zen Kishimoto

Seasoned research and technology executive with various functional expertise, including roles in analyst, writer, CTO, VP Engineering, general management, sales, and marketing in diverse high-tech and cleantech industry segments, including software, mobile embedded systems, Web technologies, and networking. Current focus and expertise are in the area of the IT application to energy, such as smart grid, green IT, building/data center energy efficiency, and cloud computing.
