Tip

Defend against internal network threats

Most network and security administrators have gone to great lengths to secure and protect their corporate networks. Depending on the size of the network and the value of the assets being protected, the network may be shielded by firewalls, antivirus software, spam blockers, antispyware tools or an intrusion detection system (IDS). And there is a variety of other hardware and software products aimed at keeping the bad guys out of your network.

But, what if the attack is from within? Security products do a fair job of guarding the resources they are designed to protect, but some may be transmitting sensitive information on the internal network -- information that could be used to circumvent the security software itself or otherwise compromise network resources. If an unscrupulous employee uses a packet sniffer, he may be able to capture sensitive data that is exposed by the security software.

Security researchers have noted an increase in the number of vulnerabilities being discovered in security products themselves, but even some fully functioning security software may be transmitting sensitive information across the network. What can you do to protect yourself?

  1. Know your security products: As I already mentioned above, there are probably a number of different hardware and software products deployed on the network intended to provide security. To best protect your network, you should understand as much as possible about how the products work,

    Requires Free Membership to View

  1. what data is transmitted and where it is transmitted to and whether those transmissions are encrypted in any way.
  2. Encrypt your data transmissions: If you discover that there is confidential or sensitive information being sent across the network, make sure the data is encrypted in order to protect it. Depending upon the nature of the transmissions, you may be able to employ IPsec or another encryption method.
  3. Watch out for sniffers: Protocol analyzers, also known as network or packet sniffers are useful tools for monitoring and troubleshooting network issues. But, you certainly don't want any employees running rogue packet sniffers and capturing data from the network. Switched networks offer better protection than networks connected via hubs, but they are not immune to rogue packet sniffers either. Detecting sniffers is not easy, but if you suspect that there may be rogue sniffers on your network, invest a little time in learning how to weed them out. It may be a wise investment.

About the author: Tony Bradley is a consultant and writer with a focus on network security, antivirus tools and incident response. He is the About.com Guide for Internet / Network Security, providing a broad range of information security tips, advice, reviews and information. Bradley contributes frequently to other industry publications. For a complete list of his freelance contributions, visit Essential Computer Security.


More information from SearchWindowsSecurity.com

  • Tip: Guard against internal hackers
  • Tip: Conduct internal security reviews
  • Whitepaper: Computing safely: Securing your systems from the inside-out


  • This was first published in August 2005

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.