Security

Security is important in the always on, always connected internet systems of today.

Balancing security with access requirements forms the core of security.

Information is the important element in any computer system allowing authorized access and keeping that data secure from unauthorized access is what IT security is fundamentally about.

Poised Solutions offers the following security related services:

• Firewall Installation.
• Intrusion Detection Installation.
• Network Auditing.
• Virus Scanner Installation.
• Code Auditing.
• Bespoke Security Solutions.
• System Hardening.

If you wish to hire Poised Solutions for any of the above services, please get in contact, via the contact page.

Firewalls

Firewalls are the first line of defence around a network. They tend to operate at a low level on the raw TCP/IP data.

Firewalls often provide Network Address Translation which is a useful feautre for security and for sub netting.

Firewalls can be configured to detect certain patterns of communication that is malformed or indicative of an attack.

Poised Solutions mainly deals with unix based firewalls and configures either:

• IP Filter
• IPTables/Netfilter

Intrusion Detection

Intrusion detection software comes in at different levels and at different times.

The firewall can alert to a possible intrusion, but the next level is to use real time traffic analysis of the payload of each packet. Attacks designed to exploit vulberabilities in running applications or services can be detected at this level.

The next level is to check after the fact, not a desirable position to be in if the check is positive though as this would indicated the system has already been compromised.

Poised Solutions configures the following intrusion detection software.

• Snort
• ClamAV
• Tripwire
• Chkrootkit
• Rootkit hunter

Network Auditing

Network auditing is the hunt for vulnerabilities in your systems.

Automated attacks in a controlled manner are a good way to understand your network weaknesses before your systems get compromised.

After the basic attacks are run against the system more specialized attacks can be tested, depending on what software is running on the network.

It is generally a good idea to have at least two different sources to test your network, and have both internal and external to the company test the setup.

Virus Detection

Whilst unix systems do not suffer with the same number of virus attacks that windows system do, this makes unix systems good candidates for a virus detector hosts.

Virus detectors Poised Solutions can install are:

• ClamAV

Code Auditing

Certain ways of coding and library usage can introduce security defects into software.

Certain languages are vulnerable to tainted data from supplied by the user.

Poised Solutions can run tests with automated security auditing tools and do a code review to determine if code is potentially insecure.

Bespoke Security Solutions

Anything that buys you time and highlights the a possible attack improves your security.

The problem with public security systems is they are well known. Circumventing these systems is possible either by creating so much noise with them the real attack is missed or by exploiting a bug in the security system itself.

A bespoke system has the advantage of being an unknown to the attacker. It is worth considering alongside the more proven system to give yourself some extra time in handling the intrusion or attack.

System Hardening

Once vulnerablities are known in a system and patched for, you then wait for the next round of vulnerabilities to be discovered.

Some vulnerabilities can be stopped though by configuring the system with hardened patches on core features of the kernel, this is normally done at the expense of some performance, but generally it is worthwhile if you have a machine in the DMZ.

Poised Solutions can harden systems by installing:

• OpenBSD
• grsecurity
• Bastille Linux

Other operating system features can also be enabled, as well as securing particular services.

Open Library