nanog mailing list archives
RE: OPM Data Breach - Whitehouse Petition - Help Wanted
From: "Darden, Patrick" <Patrick.Darden () p66 com>
Date: Fri, 19 Jun 2015 13:55:38 +0000
Good point. It's a massive job, and sometimes it is best to look at those piecemeal. Start with small goals, and pick low hanging fruit--your example of the server room is good. Set it up with and IDS, a firewall, harden the hosts by turning off/removing unused/unneeded services, setting up tripwire, and encrypt all data on the drives, then look to password policy enforcement. Then start actively securing it (monthly audits, daily log checks, etc.). Doable. Then pick the next lowest hanging fruit and repeat. --patrick darden -----Original Message----- From: NANOG [mailto:nanog-bounces () nanog org] On Behalf Of Naslund, Steve Sent: Friday, June 19, 2015 8:31 AM To: Stepan Kucherenko; nanog () nanog org Subject: [EXTERNAL]RE: OPM Data Breach - Whitehouse Petition - Help Wanted I think one of their major issues is that they look at too much of the network at a time. If they decided they were going to secure a particular data center or building, they might be much better off. If they start with defending the servers from internal as well as external threats and then move toward the perimeter they might make progress. I think they look at the entire comprehensive network and end up with a number or a project that is too big to fathom. First thing would be current IDP/IDS technology so they would at least know where and what the threats are. Steven Naslund Chicago IL 18.06.2015 18:00, shawn wilson wrote:
I'd actually be interested in a discussion of how much you can possibly improve / degrade on a network that big from a management position.
Current thread:
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted, (continued)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Cryptographrix (Jun 18)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Valdis . Kletnieks (Jun 18)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Nick B (Jun 18)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted shawn wilson (Jun 18)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Stephen Satchell (Jun 18)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Damian Menscher via NANOG (Jun 18)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Cryptographrix (Jun 18)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Ronald F. Guilmette (Jun 18)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted mikea (Jun 18)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Stepan Kucherenko (Jun 18)
- RE: OPM Data Breach - Whitehouse Petition - Help Wanted Naslund, Steve (Jun 19)
- RE: OPM Data Breach - Whitehouse Petition - Help Wanted Darden, Patrick (Jun 19)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Jim Popovitch (Jun 19)
- RE: OPM Data Breach - Whitehouse Petition - Help Wanted Naslund, Steve (Jun 19)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted William Herrin (Jun 19)
- RE: OPM Data Breach - Whitehouse Petition - Help Wanted Naslund, Steve (Jun 19)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Jim Popovitch (Jun 19)
- RE: OPM Data Breach - Whitehouse Petition - Help Wanted Naslund, Steve (Jun 19)
- RE: OPM Data Breach - Whitehouse Petition - Help Wanted Naslund, Steve (Jun 19)
- RE: OPM Data Breach - Whitehouse Petition - Help Wanted Naslund, Steve (Jun 19)
- RE: Re: OPM Data Breach - Whitehouse Petition - Help Wanted Darden, Patrick (Jun 19)