Solved

Network Security

Posted on 2008-10-21
4
202 Views
Last Modified: 2013-12-04
I resently had a Network Admin leave the company. I wanted to know what is the best way to check our Network Security to make sure there are not backdoors open for him to access our network.  Are there any tools I can use to check our external access to our LAN?

Thank you,
0
Comment
Question by:KappaMan1911
  • 2
4 Comments
 
LVL 18

Expert Comment

by:Rartemass
ID: 22772183
0
 

Author Comment

by:KappaMan1911
ID: 22772304
I have Wire Shark, but I have never really learned who to use it.  I will check out all of your surgestions.  I was told it is not a good idea to leave wireshark on a server.  thanks.
0
 
LVL 4

Accepted Solution

by:
larsga earned 500 total points
ID: 22772397
"We let the janitor go, how can we be certain that he can't get into the apartment block again?" Apologies for sounding facetious, but that's more or less the physical analogy of your question. Without knowing more about the network and what you want to protect, I can only give some general advice.

You could do the following (listed in increasing level of paranoia):

- Change locks on doors and windows.
In other words, disable accounts or change passwords on equipment/systems/accounts he had access to. Ranging from Windows user accounts to administration passwords on network gear. If you have VPN set up (access to your network from remote offices / home / people travelling with laptops), change the VPN passwords.

- Check if any windows are left ajar.
The most obvious thing to check would be the configuration on the firewall(s)/router(s) that face the Internet. You could use 'nmap' or a similar portscanner on the external IP address of the Internet firewall to see of he left an open port (although the output from a portscan wouldn't tell you much unless you know something about networking).

- Look for any hidden windows in the attic or floor-boards that are loose.
If he is competent and really wanted to hide a backdoor, there is really no way you can be absolutely sure without a total cleaning and reinstalling everything. For example, he could have left a small router on the network that is set up to be accessible from dial-up/ISDN/cell-phone; or perhaps a small program on a PC that would connect to him at 1:00AM every second saturday.
0
 

Author Comment

by:KappaMan1911
ID: 22772549
He was a new Network Admin... So I did not give him the keys to the kingdom.  He had not access to the Firewalls, routers., or VPN, and I have changed all those passwords.  Your point is well taken.  Moving forward I will strenghen my network monitoring and security.  Thank you for the advice.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now