...You Decide Scenario: Week 3 Detecting and preventing insider threats is its own discipline, with its own dynamics. If you put these countermeasures in place, you can reduce the threat dramatically. First, you can use an IP packet-filtering router. This type of router permits or denies the packet to either enter or leave the network through the interface on the basis of the protocol, IP address, and the port number. The protocol may be TCP, UDP, HTTP, SMTP, or FTP. The IP address under consideration would be both the source and the destination addresses of the nodes. The port numbers would correspond to the well-know port numbers (Vacca, 2009). Packet filtering lets you control data transfer based on the address the data is, the address the data is going to, and the session and application protocols being used to transfer data. The main advantage of packet filtering is leverage. It allows you to provide, in a single place, particular protections for an entire network. Consider the Telnet service. If you disallow Telnet by turning off the Telnet server on all your hosts, you still have to worry about someone in your organization installing a new machine (or reinstalling an old one) with the Telnet server turned on. On the other hand if Telnet is not allowed by your filtering router, such a new machine would be protected right from the start, regardless of whether or not its Telnet server was actually running. Another advantage of a packet filtering router is that...
Words: 622 - Pages: 3