The Art Of War And ECommerce Essay — страница 5

  • Просмотров 417
  • Скачиваний 4
  • Размер файла 27

can compromise one of the other sites on the server, it’s possible he could extend his control to the server itself, in which case he could control all of the sites on it including yours. If you’re on a shared server, it’s important to find out what the server administrator’s policies are. Law #5: Weak passwords trump strong security. The purpose of having a logon process is to establish who you are. Once the operating system knows who you are, it can grant or deny requests for system resources appropriately. If a bad guy learns your password, he can log on as you. In fact, as far as the operating system is concerned, he is you. Whatever you can do on the system, he can do as well, because he’s you. Maybe he wants to read sensitive information you’ve stored on your

computer, like your email. Maybe you have more privileges on the network than he does, and being you will let him do things he normally couldn’t. Or maybe he just wants to do something malicious and blame it on you. In any case, it’s worth protecting your credentials. Always use a password it’s amazing how many accounts have blank passwords. And choose a complex one. Don’t use your dog’s name, your anniversary date, or the name of the local football team. And don’t use the word “password”! Pick a password that has a mix of upper- and lower-case letters, number, punctuation marks, and so forth. Make it as long as possible. And change it often. Once you’ve picked a strong password, handle it appropriately. Don’t write it down. If you absolutely must write it

down, at the very least keep it in a safe or a locked drawer the first thing a bad guy who’s hunting for passwords will do is check for a yellow sticky note on the side of your screen, or in the top desk drawer. Don’t tell anyone what your password is. Remember what Ben Franklin said: two people can keep a secret, but only if one of them is dead. Finally, consider using something stronger than passwords to identify yourself to the system. Windows 2000, for instance, supports the use of smart cards, which significantly strengthens the identity checking the system can perform. You may also want to consider biometric products like fingerprint and retina scanners. Law #6: A machine is only as secure as the administrator is trustworthy. Every computer must have an administrator:

someone who can install software, configure the operating system, add and manage user accounts, establish security policies, and handle all the other management tasks associated with keeping a computer up and running. By definition, these tasks require that he have control over the machine. This puts the administrator in a position of unequalled power. An untrustworthy administrator can negate every other security measure you’ve taken. He can change the permissions on the machine, modify the system security policies, install malicious software, add bogus users, or do any of a million other things. He can subvert virtually any protective measure in the operating system, because he controls it. Worst of all, he can cover his tracks. If you have an untrustworthy administrator, you

have absolutely no security. When hiring a system administrator, recognize the position of trust that administrators occupy, and only hire people who warrant that trust. Call his references, and ask them about his previous work record, especially with regard to any security incidents at previous employers. If appropriate for your organization, you may also consider taking a step that banks and other security-conscious companies do, and require that your administrators pass a complete background check at hiring time, and at periodic intervals afterward. Whatever criteria you select, apply them across the board. Don’t give anyone administrative privileges on your network unless they’ve been vetted and this includes temporary employees and contractors, too. Next, take steps to

help keep honest people honest. Use sign-in/sign-out sheets to track who’s been in the server room. (You do have a server room with a locked door, right? If not, re-read Law #3). Implement a “two person” rule when installing or upgrading software. Diversify management tasks as much as possible, as a way of minimizing how much power any one administrator has. Also, don’t use the Administrator account instead, give each administrator a separate account with administrative privileges, so you can tell who’s doing what. Finally, consider taking steps to make it more difficult for a rogue administrator to cover his tracks. For instance, store audit data on write-only media, or house System A’s audit data on System B, and make sure that the two systems have different