Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
NIB Networking & Security Issues 09-12-2002 Recent Activities • Additional RAS & Router cards procured and installed at “A” and “B” type of locations • Core bandwidth between A1-A1 and A1-A2 in the process of augmentation (6/26) • International bandwidth augmented by about 40 Mbps 09-12-2002 Data Networks Daily Maintenance Status of :• Router – sh env all, sh proc cpu, sh ver • links – sh ip int br , sh interfaces, sh logg • RAS – sh env all, sh dial-shelf, sh dial-shelf clocks – sh controllers e1 1/0/1 call-counters , sh modem summ – disp modem pool statistics table 09-12-2002 Data Networks Daily Maintenance • • • • • Console should be kept connected Syslog should be implemented Traffic on the links should be regularly monitored Check for balanced loading of the links Link Flapping (sh logg, Syslog), better to shut down • Regularly check MRTG concerning your node • Apply peer pressure to get the links up, particularly international gateways • Regularly check the Website and update the relevant contents 09-12-2002 Data Networks Simple ways to check the Network • Ping, Extended Ping • Traceroute, Extended Traceroute • Ping & traceroute from routeserver.cerf.net/ route-server.exodus.net • Nslookup, dig, whois • Cyberkit, Ping Plotter 09-12-2002 Data Networks MRTG • MRTG at “A” type of locations for traffic monitoring of whole network for internal links and customer links. (pending at JPR) • Integral part of Bandwidth Augmentation procedure • Keep the MRTG up-to-date and ask the upstream to update the MRTG for new links and customers • Needs reconfiguration after additional card installation 09-12-2002 Data Networks Web site • Check the web site • Please please get the e-mail ids nib_<city>@sancharnet.in & <city>@sancharnet.in and nib_<circle>@sancharnet.in • Keep the address information current • Keep the Connectivity information current • Keep the admin and Tech Contact information current 09-12-2002 Data Networks Few Incidents • Nodes not using proper DNS • Blackholing the traffic to a particular site • OSPF costs changed as a result, the traffic got congested on a single link • Excessive flapping on few links • Loaning of IP addresses in Assam • After transfer, passwords were not handed over and forgotten. 09-12-2002 Data Networks Security • Take regular backups of RAS and Router configurations. • Implement Syslog & Analyze it regularly • Keep connectivity, port utilization,IP Addressing plan, cable layout plan, customer contact details up to date • Keep the addressing plan confidential • Keep all the passwords (CIM, RAS, Routers) secure 09-12-2002 Data Networks Security • No default password should be there like netman, cisco • On transfer, make over the passwords • As far as possible use Sancharnet mail for sending network related information • Remote login should be avoided, if at all done, then use it through Sancharnet only • Maintain a logbook containing the details of access provided to vendors like for PM, unauthorized SNMP access, spammers,any important incident etc. 09-12-2002 Data Networks Security Do not • • • • Deviate from the connectivity plan Deviate from the IP Addressing plan Change the order of DNS servers Connect any equipment to LAN other than infrastructure and approved • Browse and send e-mail from consoles and help desk PC’s 09-12-2002 Data Networks Security • All the software provided should be kept secure, no unauthorized copies be made • Be aware of Acceptable Use Policy • Be aware of Nimda, Code Red, Spamming • Be alert with hoax calls like jdbgmgr.exe • Anti-Virus software should be kept updated • Without Proper physical security everything is useless. • Bring to the notice any situation which may lead to security compromise 09-12-2002 Data Networks Spam • Junk Mail, UCE • Why Bad – People are paying for receiving it – Consumes bandwidth & other resources – Annoying • Users to be made aware of this 09-12-2002 Data Networks Proposed Policy to deal with SPAM & SCAN • For leased users – If complaints are received continuously for 2 days, intimate to user about possible spamming from his network. – Warn the user if complaints continue for 2 days after intimation – Disconnect the user, with due intimation, temporarily for a day, after 5 days of continuous complaints – Reconnect and if complaints still continue then permanent disconnection • For Dialup Users – Similar policy after identification of user 09-12-2002 Data Networks Educating the Users • For changing the Password and checking the balance hours regularly • Loaning of user-id (chance of misuse) • Made aware of Acceptable Use Policy – E-mail Policy – Spamming – Network, port scan • Need for keeping the Anti Virus solution updated 09-12-2002 Data Networks Questions? 09-12-2002 Data Networks