Security problems in the TCP/IP protocol suite
ACM SIGCOMM Computer Communication Review
| Hi-index | 0.00 |
The above sections are based on a generalization of a large number of network reviews which have been performed. but the overall conclusion is that on the whole, local area networks are not subject to adequate controls and procedures and many organizations are exposed to significant business risks due to inefficient network management. We hold some sympathy for the network manager and support functions, as the growth of the network and associated technologies has been dramatic and the developers of the network operating systems have concentrated on the provision of tools for the users rather than the administrator. The good news is that some of the shortcomings of Network Operating Systems are now being addressed, As an example, Novell NetWare 4 is shipped with an excellent auditor function which will provide management with sophisticated audit trails which can be protected from access by the network administrator. NetWare 4.x also provides a single login to multiple NetWare servers which should relieve the administration effort required for effective user management. There is, however, no excuse for weak network security, this seems to be a common problem in many organizations and with the dramatic growth in the implementation of WAN links, modem links and Internet access, the risks of unauthorized access to systems and data is increasing by the day, Management should at the very best assess their exposure to these risks and stress the importance of network security not only to the users but also to the network management and support functions. This article has concentrated on the management, support and security of computer networks which traditionally encompass a network review. In the next issue, the additional stages of the Touche Ross network review will be discussed which primarily focuses on the review of network resilience and reliability which is beginning to be seen as a critical factor of an organization's business. Network downtime can now be directly associated with financial losses to an organization and as such should be of a key concern to their senior management and the computer audit function.