Cory Scott Systems Management in an Untrusted Network
0Cory Scott, Lead Security Consultant - Securify, Inc.
Systems Management in an Untrusted Network: Dealing with backups, monitoring, administration, and logging in the DMZ
Throughout the progression of networked systems from mainframe computing to the Internet world of today, the solutions available to system and network administrators for handling core tasks have also progressed. Applications and protocols for backups, logging, remote access, and monitoring have gotten easier to use, quicker to deploy, and commercially supported. However, these solutions don't necessarily take security into account. While the risk presented by deploying a systems management application with poor security may be mitigated when it is deployed in an internal network, the risk may not be acceptable in an untrusted network or DMZ environment. One only needs to look as far as the ongoing exploit of SNMP vulnerabilities on Internet-accessible hosts to see where the risk management failed. Nonetheless, administrators must keep a careful balance between security and convenience, as the management solutions save time and reduce downtime.
The goal of this presentation is to discuss how to implement systems management components in untrusted or semi-trusted networks with an eye towards security. Solutions for backups, monitoring, administration, and logging will be discussed. Network architectures that support a secure deployment of these solutions will be presented and evaluated. General tips and techniques for deploying applications for systems management will be presented.
Cory Scott has over six years of experience in network and systems security architecture. As a lead security consultant at Securify, he performs in-depth technically oriented tasks for his clients, including secure architecture design, configuration review, incident response, and protocol analysis. Some of his previous engagements have included network and system architecture reviews, in-depth application review and design work, operational and procedure reviews, and emergency response for internal and external incidents for financial institutions, healthcare organizations, security software companies, and e-commerce companies. He is also the Acting Chief Security Officer for Securify, responsible for building an internal security office for Securify's Managed Security Service offering, as well as general corporate security.
He has written on security issues for Windows NT Systems magazine and securityfocus.com. He is also a technical editor, editing books on networking, systems, and security for Macmillian, Osborne, and O'Reilly.
Black Hat - USA - 2001 Hacking conference
#hacking, #hackers, #infosec, #opsec, #IT, #security