Time to learn network security

[Spider]

Due to the lethargy within my company being unwilling to invest in any ‘proper’ training, I'm at the stage now where I may as well teach myself anything I need to know. I’d like to know a little more about network security and so called ‘ethical hacking’. How to protect a network, how to do some basic penetration testing, do’s and don’t’s of network security and so on. It will be predominantly a windows environment so I'm guessing there will be plenty of material out there to look through. We have both wired and wireless networks, and have recently started to use the mains based networking solution where the others will not suffice.

Has anyone done any research on this subject and found any particularly useful resources or tutorials?
Any info appreciated on this subject.

Thanks

 

[Ricochet J]

If you're a large company with expensive valuable data to protect then i'll recommend in learning how to configure Cisco PIX firewalls. If you don't want to go that far then teach yourself some ACL instruction sets that will keep nasty people away from your network.

If you're not looking at the high end equipment, do the usual stuff on your firewall. Block any open ports that are open, admin passwords in Windows etc.

Security is a pretty big subject to get to grips with.

 

[bigredshark]

Well, firewall training is ok, I have JNCIA on netscreen firewalls (and one on M series routers but thats not relevent). Juniper make the best firewalls right now, period, but it's no use knowing how to use them if you don't know what to block etc, the training won't show you that usually.

Theres a lot to know, bigcompanies employ specialists to come up with security policy.

my advice is to look at inside the network as well as outside (the biggest security threat is users, either themselves or by way of carp passwords etc), deploy a good firewall (see if your ISP has a managed firewall option), and whatever else don't put wireless inside the LAN, put it in a DMZ and insist users use a VPN to get into the LAN (it's about the only certain way to secure Wifi these days). Penetration testing is best done at the small business level by a friend or colleague who trusted. At the enterprise level it's contracted out to specialist companies, i can get you a name if you want, our biggest client just had them run a few tests on their portal.