Monitoring Your Network A College Approach Chris Bamber, IT Systems Manager Somerville College Confidentiality: The contents of this presentation and workshop.

Slides:

Advertisements

Similar presentations

Presented by Nikita Shah 5th IT ( )

Advertisements

AVG Internet Security 7.5 Product presentation.

Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.

Monitoring Your Network Chris Bamber, IT Systems Manager Somerville College Confidentiality: The contents of this presentation and workshop discussion.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

©2005 Check Point Software Technologies Ltd. Proprietary & Confidential Check Point Software SSL VPN Solutions Technical Overview Thorsten Schuberth Technical.

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Chapter 12 Network Security.

© 2009 VMware Inc. All rights reserved VMware Updates Orlando VMware User Group – April 2011 Ryan Johnson VMware, Inc. Technical Account Manager Professional.

Beth Johnson April 27, What is a Firewall Firewall mechanisms are used to control internet access An organization places a firewall at each external.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Maintaining and Updating Windows Server 2008

Netop Remote Control Trusted. Secure. Experienced.

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

Windows Anti-virus and Security WNUG Meeting

Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Sophos anti-virus and anti-spam for business OARNET October 13, 2004.

Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.

Appliance Firewalls A Technology Review By: Brent Huston T h e B l a c k H a t B r i e f i n g s July 7-8, 1999 Las Vegas.

Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?

Chapter 6 Configuring, Monitoring & Troubleshooting IPsec

Introducing Kerio Control Unified Threat Management Solution Release date: June 1, 2010 Kerio Technologies, Inc.

1 © 2006 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Using the Cisco Technical Support & Documentation Website for Security.

Task Scheduler Pro Managing scheduled tasks across the enterprise Joe Vachon Sales Engineer.

Partnering For Profitability Growing your business with Microsoft Forefront Security Solutions Mark Hassall Director Security & Access BG Microsoft Corporation.

Small Business Edition 4 C707 – Technical overview.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,

CERN’s Computer Security Challenge

Honeypot and Intrusion Detection System

User Manager Pro Suite Taking Control of Your Systems Joe Vachon Sales Engineer November 8, 2007.

Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.

Vantage Report 3.0 Product Sales Guide

Module 7: Fundamentals of Administering Windows Server 2008.

P RESENTED B Y - Subhomita Gupta Roll no: 10 T OPICS TO BE DISCUSS ARE : Introduction to Firewalls  History Working of Firewalls Needs Advantages and.

Module 10: Monitoring ISA Server Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.

Safeguarding OECD Information Assets Frédéric CHALLAL Head, Systems Engineering Team OECD.

Firewalls Nathan Long Computer Science 481. What is a firewall? A firewall is a system or group of systems that enforces an access control policy between.

1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.

How to create DNS rule that allow internal network clients DNS access Right click on Firewall Policy ->New- >Access Rule Right click on Firewall.

What’s New in WatchGuard XCS v9.1 Update 1. WatchGuard XCS v9.1 Update 1  Enhancements that improve ease of use New Dashboard items  Mail Summary >

Hands-On Microsoft Windows Server Implementing Microsoft Internet Information Services Microsoft Internet Information Services (IIS) –Software included.

1 Implementing Monitoring and Reporting. 2 Why Should Implement Monitoring? One of the biggest complaints we hear about firewall products from almost.

NMS Case Study-I NetScreen Global Manager CS720H.

Exchange Deployment Planning Services Exchange 2010 Complementary Products.

INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used? Tripwire.

Microsoft ISA Server 2000 Presented by Ricardo Diaz Ryan Fansa.

Security fundamentals Topic 10 Securing the network perimeter.

Synchronized Security Revolutionizing Advanced Threat Protection

NetTech Solutions Protecting the Computer Lesson 10.

Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.

Module 10: Windows Firewall and Caching Fundamentals.

1 Windows 2008 Server Manager. 2 Server Manager Gives ability to perform effectively server administration without needing to launch a multitude of tools.

WINS Monthly Meeting 06/05/2003 WINS Monthly Meeting 06/05/2003.

Regan Little. Definition Methods of Screening Types of Firewall Network-Level Firewalls Circuit-Level Firewalls Application-Level Firewalls Stateful Multi-Level.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

Maintaining and Updating Windows Server 2008 Lesson 8.

Introducing Kaspersky Anti-Virus 6.0 for Windows Workstations Introducing Kaspersky ® Anti-Virus 6.0 for Windows Workstations.

Windows Vista Configuration MCTS : Network Security.

Security fundamentals

CompTIA Security+ Study Guide (SY0-401)

UTM Content Security Gateway

Critical Security Controls

Module Overview Installing and Configuring a Network Policy Server

Securing the Network Perimeter with ISA 2004

Firewall – Survey Purpose of a Firewall Characteristic of a firewall

CompTIA Security+ Study Guide (SY0-401)

Comodo Dome Data Protection

Presentation transcript:

Monitoring Your Network A College Approach Chris Bamber, IT Systems Manager Somerville College Confidentiality: The contents of this presentation and workshop discussion are to be held in strictest confidence.

29th June 2000 Christopher Bamber 2 Documents to Read Oxford University's Computer Usage Rules and Etiquette Somerville Rules for Computer Use

29th June 2000 Christopher Bamber 3 What We Can Use the Tools for Identifying unofficial servers or services Monitoring usage and traffic statistics Protecting your network from the world Troubleshooting your network Investigating a security incident Keeping logs of users activities for accountability

29th June 2000 Christopher Bamber 4 The Tools Used WS_Ping_ProPack XploiterStat Lite Windows NT Event Viewer Sophos Anti-Virus for NT Sophos Anti-Virus ADMIN Tool Sophos Anti-Virus for Exchange Elron Command View Firewall for NT eTrust Intrusion Detection (Sessionwall) Transcend Workgroup Manager Network Watch from NT Resource Kit

29th June 2000 Christopher Bamber 5 Somerville College Network

29th June 2000 Christopher Bamber 6 Ws_Ping_ProPack This tool gives you basic windows interface into a few very handy utils:- Ping, Scan, TraceRoute, Whois, Lookup etc Doing regular scans of common ports on your network will help to discover unauthorised services or servers Very quick and simple, also cheap £30.00 for a licence

29th June 2000 Christopher Bamber 7 A Port Scan

29th June 2000 Christopher Bamber 8 XploiterStat Lite Port monitoring software, TCP and UDP Free, upgrade available at approx. £30.00 Produce text logs of active connections to your machine or servers Handy for putting a trace on a machine your concerned about

29th June 2000 Christopher Bamber 9 Windows NT Event Viewer Comes with MS NT Server,it’s FREE! Use it to look at your logs Make sure you have some logs Export your logs to examine them in Excel, it’s quicker More advanced version available as a plug-in in Windows 2000

29th June 2000 Christopher Bamber 10 Sophos Anti-virus for NT It’s FREE!, site licensed to Oxford University Protect your workstations from viruses Use a protected install so users can’t remove it Make it mandatory for all computers connected to your network Keep it updated…

29th June 2000 Christopher Bamber 11 Sophos Anti-Virus ADMIN Tool It’s FREE! Allows you to install SAV onto your NT workstations remotely You need to have their admin shares(C$) available for the initial install Allows you to update and change the configuration of SAV Monitors the status and current rollout of the IDE files Allows you to force an update to the user workstation Quick and simple

29th June 2000 Christopher Bamber 12 Sophos Sweep for Exchange If you really have to run a mail server, install some virus scanning software This is currently in Beta at the moment, but it works! Again FREE!, available on site licence SAVI is also available to connect to other mail server software MAILsweeper is available for most systems and uses SAVI

29th June 2000 Christopher Bamber 13 Elron CV Firewall for NT Offers fully IPSEC compliant VPN Capabilities Includes NAT, DMZ and User Authentication Delivers industry-leading, 3rd generation, Stateful Multilayer Inspection (SMLI) technology Is easy to manage with a point and click interface Cost - £1.7K, available from MIS Corporate Defence Solutions

29th June 2000 Christopher Bamber 14 Drill Down to View Rule Details

29th June 2000 Christopher Bamber 15 Specific Servers on Ports

29th June 2000 Christopher Bamber 16 Custom Defined Ports - Tuples

29th June 2000 Christopher Bamber 17 Log File View

29th June 2000 Christopher Bamber 18 Log Filtering The latest version of the software now has a very powerful filtering ability for log files This allows for quick analysis and troubleshooting of the network and firewall

29th June 2000 Christopher Bamber 19 Application Layer Commands Available for FTP, inbound , News and Web Allows you to lock down the common ports to valid commands only Stops ICQ, Instant Messaging from using these ports

29th June 2000 Christopher Bamber 20 eTrust Intrusion Detection Providing real-time, non- intrusive detection, policy- based alerts, and automatic prevention Integrated anti-virus engine with automatic signature updates Dynamic URL blocking and logging Predefined policies for a wide range of attacks Comprehensive built-in reports

29th June 2000 Christopher Bamber 21 Transcend Workgroup Manager Network management utility for managing 3com hubs and switches Workgroup & Enterprise edition will no longer be available from the end of June 2000 (so order today!!) Support will continue for 5 years

29th June 2000 Christopher Bamber 22 Network Watch (NT Resource Kit) Allows you to view and manage the network shares on your NT Servers Includes the hidden shares ($) Handy to see who’s connecting to what on your server

29th June 2000 Christopher Bamber 23 Software Sites WS_Ping_ProPack - XploiterStat Lite - Sophos Anti-Virus – MAILsweeper - Elron Firewall - eTrust - Transcend - MIS Corporate Defence Solutions – – contact James Guttridge

29th June 2000 Christopher Bamber 24 Contact Information Christopher Bamber IT Systems Manager Somerville College, OX2 6HD Tel: