This article covers some of the main components and techniques for securing your corporate network. Before you select which component(s) you need for your security model, decide how you want to lay it out, what protocols to use, and what hardware/software combinations are within your budget’s grasp.
Networking Security Concepts
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
They guy that wrote this seems to be someone, maybe 18 years old, that is studying the stuff but has no real-world experience.
He threw in some cool buzz words though.
yeah definately, also the dude did seemingly NO research whatsoever. an entire section devoted to encryption but leaves out AES/rijndael? wtf?
at that point i stopped reading and started skimming. fluff piece, move along, there is nothing to see here.
It says (beginner) in the title of the linked article. (I would not expect a man page…)
So what’s the issue here? Was it wrong of the author to write it, or wrong of OSNews linking to it?
Don’t regard your home network as a ‘safe area’ because there’s a router/firewall separating it from the big, bad, internet.
Users will download & run all kinds of crap on their PC’s, and malware can use the PC it’s on, as a home base to corrupt other systems (including router/firewall) in your network.
Are you one of those users, and want your computer to be safe? Disconnect it, or take measures to secure your own box. BTW: this rule applies to other networks too.
Left turn much?
i dont expect a man page either, just correct AND current information. this article was written for beginners BY a beginner. that is our problem with it.
I think it’s a very good article and has some nice entrees for the beginner that wants to learn something about the basics of security.
In my opinion the article is well written and explains things rather well, maybe its not complete but what do you expect ??? It’s an article not a book
For the people saying that’s it’s written for a beginner BY a beginner.
First try to type some good argumentations before you yell such ignorance sentence.
Every article concerning security is discussable but i actually never read such arrogant responses that really have nothing important to say.
I would say if you can do it better then the article writer…then do it. Or at lease post your commons also on the Linux exposed website so that the article writer can response on such hilarious comments.
DES has been officially called to retired by NIST. AES is the standard. At least get the duckies in a row if it is for beginners…
He is using “no service password-encryption”
He mentions the reason for encrypting passwords is so that users cannot see the enable password but makes no mention of the fact that you need to be enabled (and by extension, know the enable password) in order to “show run” to begin with.
He mentions authentication methods but left out TACACS+ and RADIUS?
He didn’t mention that you can restrict accounts from being able to do a “show run” and let them instead “show tech-support” as it includes all the info minus the encrypted passwords.
The topics he lightly covered, he could have covered more relevant info. There were points he didn’t cover (like switched Ethernet) but didn’t. I could probably come up with a 100 nit-picks about it.
I give him points for writing ability and he seems enthusiastic enough to show potential. But I don’t think his paper is “OS News” or that useful to the people that would need it.
Sort of like a UNIX security paper that din’t cover setuid, chroot, chmod, or permissions.
yeah definately, also the dude did seemingly NO research whatsoever. an entire section devoted to encryption but leaves out AES/rijndael? wtf?
Having scan read the article due to all the negitivity here however this caught my attention from the article:
AES a symmetric 128-bit block data encryption technique developed by Belgian cryptographers Joan Daemen and Vincent Rijmen. The U.S government adopted the algorithm as its encryption technique in October 2000, replacing the DES encryption it used.
And he appears to point out the potentical problems with all the things he suggests, which is a good thing. I’m going back to read the article properly now.
Hey everybody. I haven’t had a chance to read the article yet, but based on the comments here, wouldn’t it more constructive for some people to provide positive suggestions/improvements to the article for both the author and it’s readers? Rather than bashing it with negativity?