Network Security Checklist
This part of the checklist concerns routers, firewalls, and other network-level devices in a TCP/IP network, and their recommended configuration. One approach to network security uses the Open Systems Interconnection (OSI) Reference Model, which describes network protocols and devices. In the OSI Model, everything in a network is divided into seven categories, called layers, from the physical layer up to the application layer:
- Physical layer
- Data link layer
- Network layer
- Transport layer
- Session layer
- Presentation layer
- Application layer
The approach is to secure the entire network and its nodes from the bottom up. In other words, you start with the first (physical) layer (securing equipment, cables, and connections from physical risks such as theft, fire, water, and destruction) and go up to the last (application) layer. Various technologies may be used at the network, transport, and application layers, such as encryption, authentication, checksums, and message digests. The following precautions are applicable in the vast majority of networks:
- Disable directed broadcasts on all routers under your administration. Directed broadcasts may be used for a variety of malicious purposes.
- Use packet filtering and stateful firewalls at the perimeter of your network to keep out unnecessary and dangerous packets.
- Block all protocols except the ones you currently use. Most sites need only TCP, UDP, and ICMP. Block them in both directions by applying both incoming and outgoing packet filters. Check your access lists twice: once before applying them and once after.
- Block all ports except the ones you currently use. Differentiate between "internal" services, such as RPC, and "public" services, such as SMTP. There is absolutely no need for anyone to be able to connect to your RPC or NFS ports. Therefore, deny access to "internal" services from outside.
- Use intrusion detection systems, if practical. Intrusion detection is a relatively new area of computer security, and it requires much attention during installation, configuration, and use. Therefore, its use is probably practical in only certain circumstances.
- Remember that security is an ongoing concern. To keep your systems secure, keep an eye on security announcements, and always install the latest patches to the operating system and applications you are using.
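The advice to check access lists before and after applying them can be partly automated. The following is an added example, not part of the original checklist: it models a first-match inbound access list and probes it for the protocol and port conditions above. The rule format, the sample lists, and the use of ports 111 (RPC portmapper) and 2049 (NFS) are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str           # "permit" or "deny"
    proto: str            # "tcp", "udp", "icmp", or "any"
    dport: Optional[int]  # None matches every destination port

# Constructed inbound (outside -> inside) access list, evaluated first-match.
GOOD_ACL = [
    Rule("deny", "tcp", 111), Rule("deny", "udp", 111),    # RPC portmapper
    Rule("deny", "tcp", 2049), Rule("deny", "udp", 2049),  # NFS
    Rule("permit", "tcp", 25),                             # public SMTP
    Rule("permit", "icmp", None),
]
# Same rules with a broad permit placed first: it shadows every deny below it.
BAD_ACL = [Rule("permit", "any", None)] + GOOD_ACL

INTERNAL = {111: "RPC portmapper", 2049: "NFS"}
OTHER_PROTOS = ("gre", "esp", "ospf")  # samples outside TCP/UDP/ICMP

def decide(acl, proto, dport=None):
    """Return the action of the first matching rule; no match is an implicit deny."""
    for r in acl:
        if r.proto in ("any", proto) and r.dport in (None, dport):
            return r.action
    return "deny"

def audit(acl, public):
    """Probe the list with test packets; `public` is a set of (proto, port) pairs."""
    findings = [f"protocol {p} permitted" for p in OTHER_PROTOS
                if decide(acl, p) == "permit"]
    for proto in ("tcp", "udp"):
        opened = [n for n in range(1, 65536)
                  if (proto, n) not in public and decide(acl, proto, n) == "permit"]
        findings += [f"{INTERNAL[n]} ({proto}/{n}) reachable from outside"
                     for n in opened if n in INTERNAL]
        if opened:
            findings.append(f"{len(opened)} unlisted {proto} ports permitted")
    return findings

if __name__ == "__main__":
    for name, acl in (("GOOD_ACL", GOOD_ACL), ("BAD_ACL", BAD_ACL)):
        print(name, audit(acl, {("tcp", 25)}) or "no findings")
```

Running the same audit on the list as written and again on the list as exported from the device catches both a faulty draft and a rule that was reordered or shadowed during deployment.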