How to recover your network after a security breach

By network, here I mean routers, switches, firewalls, etc. -- infrastructure, to the exclusion of nodes like servers and PCs which are usually attacked in different ways. Routers, switches and their ilk are still susceptible to rootkits and other attacks that plant malicious software/firmware, but they're not prone to it to the same degree as Windows-, Linux- or OS X-based systems. More common attacks target protocols and result in black holes, fill up your switch's FDB so it can't learn new MAC add

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Security for the midmarket Locking down security in the move to electronic medical records A CIO's advice for implementing single sign-on solutions Options for outsourcing security grow, offer IT budget savings Network access control: Pointers for getting the knack of NAC Stopping malware viruses from attacking Web 2.0 technology Virtual servers no escape from IT security management concerns Unified communications: Securing access to OCS Unified communications security: How safe is it? Risk assessment frameworks easy to employ Midmarket regulatory compliance management: Don't let your guard down Information security management for the midmarket Using key risk indicators to sell your information security program IT security spending a bright spot in '09, with more growth predicted Gartner: Vetting security of third-party partners in five steps Locking down security in the move to electronic medical records Security and risk management in the midmarket Identity and access management planning guide for the midmarket Information systems management for the midmarket CIOs share advice on doing more with less Get smart about patching security vulnerabilities A CIO's advice for implementing single sign-on solutions

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

resses, or attempt to deny service by using up all your bandwidth.

Another note is that the order in which you perform the tasks below may vary greatly by the nature of your organization. For instance, at one business, your primary concern may be restoring connectivity as fast as possible, while another business may be highly regulated and more tolerant of outages, and thus willing to take the time to do some forensic work.

As always, the key theme you should have noticed above is preparation. Like insurance, it's annoying, but occasionally pays off big.

Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years experience in the networking industry, and co-author of several books on networking, most recently, CCSPTM: Secure PIX and Secure VPN Study Guide published by Sybex.

Rate this Tip To rate tips, you must be a member of SearchCIO-Midmarket.com. Register now to start rating these tips. Log in if you are already a member. DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.