Comments on: The Ultimate Network Security Checklist

By: Crunchy

Crunchy — Thu, 26 Jul 2012 13:14:29 +0000

It’s a text file, it could contain code that executes when it is open. If you’re familiar with coding you could just edit the .srt file to see if there is anything crazy on it

By: Stephen

Stephen — Fri, 20 Jul 2012 10:27:04 +0000

Kevin, I understood that a .srt file is just text. Please could you explain how this can be a threat? Thanks.

By: Gill Langston

Gill Langston — Tue, 13 Mar 2012 22:06:34 +0000

Torrents are bad news for so many reasons.. besides the fact that a user in a corporate environment can infect the entire network just because they wanted to download a song or movie, they could leave the company legally liable for copyright infringement. Especially when the torrent client is sharing files to others. That means the company network is now hosting pirated content.

By: Christina Goggi

Christina Goggi — Mon, 05 Mar 2012 10:13:13 +0000

Thanks Remco! Everyone has their own method; the most common approach is probably keeping a cheat sheet (which is just a concise list of the items you think apply to you). Then update it gradually – things that become second nature can be removed and new things you encounter should get added.

By: Kevin Fraseir

Kevin Fraseir — Wed, 29 Feb 2012 05:33:16 +0000

STAY AWAY FROM TORRENT-BASED WEBSITES. As an experienced senior network administrator for more than eight years, I’ve encountered some of the toughest network security risks there is. Name it and I know them down to their source codes. From these threats, the toughest for me are torrent-based infections and attacks.

It’s a bad idea to download files (mp3s, videos, games, etc) from websites that host torrents. Some downloaded torrent have extra and unnecessary files attached to them. These files can be used to infect your computers and spread viruses. Be extra careful about downloading pirated DVD screener movies especially if it contains subtitles (usually it has a .srt file extension). Subtitle files are sometimes encoded with malicious codes.

By: Remco

Remco — Tue, 28 Feb 2012 19:39:39 +0000

A great list indeed! What i really would like to see is a tool or an excel sheet as an example of documenting these information, because i keep strugling wich data is important and how to save them efficient. Any suggestions?

By: Thomas Macadams

Thomas Macadams — Tue, 28 Feb 2012 01:51:51 +0000

Backup backup backup. If there’s one GREAT thing I learned way back in college – that is to backup all network programs and systems. When all backups are in place, network security and protection will be a breeze. And with Cloud Computing on the steady rise, automatic backups of your workstations and server will be both practical and easier to do. If you are a competent network administrator or an IT manager, backup / restore should be one of the top in your checklist.

By: Roger Willson

Roger Willson — Mon, 27 Feb 2012 08:15:04 +0000

A great list! It is really a concise representation of all the points that need to be secured. I think this list can be used as a basis for security for companies of all sizes. For a small company it can be used verbatim, while for a large one there might need to be some additions but all in all, awesome work, thank you!

By: Adam Loveland

Adam Loveland — Sat, 25 Feb 2012 12:31:51 +0000

Quite an exhaustive list, but that’s the kind of thorough attention to detail that is necessary when reviewing network security. One hole in any one of these spots can effectively bring most of the others down. You may not need this much consideration for a smaller business, but if you have an intention to grow it is ALWAYS a better idea to have the infrastructure in place first and grow to fit it.

By: Xerxes Cumming

Xerxes Cumming — Sat, 25 Feb 2012 08:11:41 +0000

For me, making sure workstations are in good shape (secured, updated and physically in excellent condition) should be the top-most concern rather than the server itself. I also would like to add that vulnerability scan and patch management should go hand in hand. You should not do or apply only one. I’ve been a white hacker for several years now and these two network security methodologies are a must for both the server and the workstations. Organizations and enterprises with more than 50 employees and a hundred computer units should have these two in place.