SANS Technology Institute: Security Laboratory
Welcome to the Security Laboratory. I'm Stephen Northcutt and like many of you I am a manager and leader with an information technology job. At the SANS Technology Institute, we are always striving to become more skilled and knowledgeable in computer security as well as the people side of the job. The "Security Labratory", for you creative spellers, is an informal set of articles and whitepapers, almost a blog, about security, information technology, and the computer security industry. As we learn more, ponder issues and research content for SANS Security 401 Security Essentials and the GIAC Security Essentials Certification, we will continue to add to this site. Our hope is for this to be a resource for the community and we would love to hear from you. Feel free to drop us a note at stephen@sans.edu.
Click here to subscribe to the Security Laboratory Article Feed- Security Laboratory: Networking
This networking series will help the computer security manager understand the basics of an Internet Protocol network and give them the tools to help them manage those networks effectively.
A Management Perspective for Networks - Updated April 28th, 2009
By Stephen Northcutt
Version 1.1Understanding how networks work will empower a manager to make informed decisions that affect the security posture of the business. Because our organizations depend on networks to accomplish work, they can be used to attack us and yet, we are all too willing to treat them as something beneath the manager's responsibility and beyond our understanding. At a minimum, security leaders are responsible for ensuring that metrics are in place to monitor the health of this resource and oversee the development of a secure architecture.
Management Application of MAC Addresses - August 4th, 2007
By Stephen Northcutt
To build your defense-in-depth, computer security managers should ask their network engineers if they are collecting logs related to MAC addresses such as the ARP tables. They should also ask IT staff to ensure that it is not possible to connect a system to your organization's network without permission. In addition, see if your organization will perform both ingress and egress filtering.
Ethernet Security Considerations - Updated August 3rd, 2007
By Stephen Northcutt
Knowing the basics of ethernet technology will enable managers to ask the right questions about the security of their organization's networks. Stephen Northcutt describes the basics of ethernet and its security risks.
