tailieunhanh - Open Source Security Tools : Practical Guide to Security Applications part 19
Open Source Security Tools : Practical Guide to Security Applications part 19. Few frontline system administrators can afford to spend all day worrying about security. But in this age of widespread virus infections, worms, and digital attacks, no one can afford to neglect network defenses. Written with the harried IT manager in mind, Open Source Security Tools is a practical, hands-on introduction to open source security tools. | JV Page 159 Thursday June 24 2004 11 11 AM Considerations for Vulnerability Scanning 159 version. But also make sure you aren t running your scan during a backup. Not only could you cause a corruption of your backup data but both processes will slow to a crawl. Time Your Scan Along the lines of the last comment make sure you coordinate your scan to get the results you want with minimal impact on other employees. Scanning the mail server at 8 00 . when everyone is getting their e-mail will probably not make you very popular with the staff. Schedule scans on always-up servers for off-hours and be sure to avoid overlapping with other system administration and general activity levels scanning an accountant s network on April 14th is not a good idea . If you are scanning internal machines you will probably want to do it during the day unless you can arrange for everyone to leave their machines on at the end of the day. The best time to do it during business hours is generally around the lunch hour as a minimal number of people will be using the network. Don t Scan Excessively Schedule your scans as often as you feel is necessary but don t automatically think that nightly scans are going to make your network more secure. If you can t interpret and respond to scan reports on a daily basis then don t do the scan all it will do is put additional traffic on your network. Base your frequency on the capability of your staff to deal with the results. I recommend doing it at least once a month but if you have a particularly busy network you may want to do it weekly. Similarly if you have a very small external network you may feel comfortable with quarterly scans. Daily scans are probably excessive unless you have dedicated staff to handle the remediation work. If you have that much need for up-to-the minute protection then use an intrusion detection system to supplement your vulnerability testing. Place Your Scan Server Appropriately If you want a true test of
đang nạp các trang xem trước