Eicon Networks S92 Manual do Utilizador descarregar pdf (Página 83)

YuChakTinMichael‘sGIACGCFWProjectAssignment

Page 83

n TheIDScanalertInternal_AdminviaSMTP.

n Snort(http://www.snort.org/)isanidealIDSsoftwareforsuchpurpose.

n Tobesecure,theIDSitselfishardenedandisprotectedbyafirewallservice

runningonitself.

n TheIDShasitsown SMTPservicesolelyforsendingalerts sendingemailsto

theadministrator’smailboxlocatedintheinternalemailserver.

5,Dropandlogeverythingelse.

Sincetheabovepoliciesarenotinconflicts,theorderdoesnotreallymatteraslong

asthe“dropeverythingelse”ruleisthelastrule.However,itisadvisedthatthemost

frequentlyencounteredrulesbeplacedatthetop.Thewebservice,inthecaseof

GIAC,issupposedtobethebusiestone.

NetworkObjects:

Beforewesetupanyrule,all therelevantnetworkobjectsmustbebuiltfirst.Notethat

NATisnotneededonthisconfiguration:

Admin

n Theinternaladministratorsnetworkobject

n Thenetworkaddressis192.168.19.0

n Internaltothefirewall

Dev

n Theinhousedevelopersnetworkobject

n Thenetworkaddressis192.168.20.0

n Internaltothefirewall

Staff

n Theinhouseclientsnetworkobject

n Thenetworkaddressis192.168.17.0

n Internaltothefirewall

RAS_User

n TheRASusersfromtheRAS_Netnetworkobject

n Thenetworkaddressis192.168.22.0

1 2 ... 78 79 80 81 82 83 84 85 86 87 88 ... 208 209

Sem comentários

Eicon Networks S92 Manual do Utilizador Página 83