Copyright Goodheart-Willcox Co., Inc. 473 Chapter 15 Network Security

a number to the end of a password and then simply incrementing the number by one each time a new password is required—for example, MySecret1, MySecret2, and MySecret3.

Password Age

Passwords should be changed frequently, but not so often that it becomes a real annoyance to the users. A good rule of thumb is to require passwords to be changed every 90 days.

Minimum Password Length

The exact password length depends on the company and network administrator’s perception of the need for security. Passwords that are too long are not practical for most applications. A password should be of sufficient length to allow a variety of characters and symbols to be used but not so long that the support desk is constantly reassigning forgotten passwords. A good rule of thumb is a minimum of eight characters. Administrators and special operators, such as department heads with administrative privileges to assign passwords to individual workgroups, should be required to use a password of at least 12 characters.

Other Password Security Measures

For additional password security, it is a recommended practice to move the location of the password storage file. Depending on the network operating system, it is also a good practice to relocate other security files from the default location. When security files are left in the default location, intruders can easily locate them. Also, when a database with username and password information is saved on a computer, the database should be encrypted and placed under an unassuming file name, such as Tax Report Summaries rather than Personnel Security Passwords.

Any password can be hacked, but not all intruders can hack all password methods. For example, an intruder can hack a highly secure password, but it can be very difficult and take even a month or more. A nonsecure password can be compromised very easily and in a very short time.
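
The password rules above, as an added example that is not part of the original text: a Python check that applies the 8- and 12-character minimums and the 90-day age rule, and rejects a new password that is only the previous one with a different trailing number (MySecret1 to MySecret2). The function names and sample accounts are constructed for illustration; flagging any change of the trailing number, not only an increment by one, goes slightly beyond the case in the text.

```python
import re
from datetime import date

MAX_AGE_DAYS = 90    # rule of thumb from the text: change every 90 days
MIN_LEN_USER = 8     # rule of thumb from the text for ordinary users
MIN_LEN_ADMIN = 12   # minimum from the text for administrators and special operators

def split_trailing_number(pw):
    """Split 'MySecret12' into ('MySecret', 12); the number is None if absent."""
    m = re.fullmatch(r"(.*?)(\d*)", pw, re.DOTALL)
    stem, digits = m.group(1), m.group(2)
    return stem, (int(digits) if digits else None)

def is_counter_variant(old, new):
    """True when only the trailing number differs (MySecret1 -> MySecret2)."""
    old_stem, old_n = split_trailing_number(old)
    new_stem, new_n = split_trailing_number(new)
    return old_stem.casefold() == new_stem.casefold() and old_n != new_n

def check_new_password(new, old, is_admin=False):
    """Return a list of policy violations; an empty list means accepted.

    Assumes the old password is available in plaintext only because the
    user typed it in the same change-password request.
    """
    problems = []
    min_len = MIN_LEN_ADMIN if is_admin else MIN_LEN_USER
    if len(new) < min_len:
        problems.append(f"shorter than {min_len} characters")
    if new == old:
        problems.append("same as previous password")
    elif is_counter_variant(old, new):
        problems.append("previous password with only the trailing number changed")
    return problems

def is_expired(last_changed, today):
    """True once the password has reached the 90-day maximum age."""
    return (today - last_changed).days >= MAX_AGE_DAYS

if __name__ == "__main__":
    today = date(2024, 3, 31)
    # Constructed sample change requests: (user, is_admin, old, new, last_changed)
    requests = [
        ("jdoe", False, "MySecret1", "MySecret2", date(2024, 1, 1)),
        ("deptadmin", True, "Spring!Budget", "Kettle7", date(2024, 3, 1)),
        ("asmith", False, "MySecret1", "violet-Ladder-44", date(2024, 2, 15)),
    ]
    for user, admin, old, new, changed in requests:
        print(user, "expired:", is_expired(changed, today),
              "violations:", check_new_password(new, old, admin) or "none")
```
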
You can audit the network security passwords by using special software packages designed for this purpose. Many operating system websites provide such tools at no cost.

Firewall

A firewall is designed to monitor and pass or block packets as they enter or leave a network system, as shown in Figure 15-18. A firewall may consist of either hardware or software or a combination of both. Servers, routers, and individual computers may be used as firewalls.

Firewalls are designed to filter the inbound and outbound flow of network packets based on factors such as IP address, port numbers, software application, packet contents, and protocols. The exact selection of factors can vary according to the firewall design, purpose, and configuration.

Windows Firewall is very sophisticated and can filter both inbound and outbound packets. The Windows 10 Firewall and Windows Server 2016 Firewall are almost identical in design. Look at Figure 15-19, which shows the Windows 10 Firewall. As you can see, there are many default firewall settings that are directly coordinated