Microsoft Security Essentials

Midterms was last week, and for one of my classes I had to write a mockup Risk Analysis and really generic Security Policy for a fake company. The point is during the Security policy part I was thinking about a network user policy that would be interesting to see. Basically the idea would be to have a security policy that gave users the ability to help diagnose security issues. Within reasonable restrictions though as to not be damaging to the network.

Why would a network admin, security admin or a network developer be concerned with packet tracing software like Wireshark or Snort? To some that answer might be extremely clear, but others maybe not so much. The basic premises is that a packet tracing program like Wireshark or my own sniff is that it can read all the traffic that is coming in on the network adapter.

So I have seen this problem come up a couple of times now and really it is totally a lame issue. It involves norton internet security suite and vista, maybe XP (not positive on xp). Basically the none techno speak version of this issue is that when norton either can not update and is seriously out of date or has expired it disables the PC's entire internet access on all devices (wireless/cables etc).

In network security there is always the drive of creating the most secure network imaginable. To achieve that security risks and vulnerabilities are constantly being assessed, evaluated and fixes being resolved. Also most network security experts would say that the weakest links are the people that use the network. Usually the way to fix the people as the weakest link is with training and sometimes scenarios.

A while back Vinoo Thomas over at mcafee labs found a really interesting hole in windows that has a variety of potential. I am going a bit off the original post with some added information. It seems though that a lot more people out there don't see this as anything let alone a security vulnerability. Even so there are plenty of other ways of elevating ones privileges on a windows box like resetting the admin password with nordahl disk.

Can a company dramatically reduce its network security threats from employees and increase overall company security at the same time? I believe that this can be done and isn't as hard as some would think it to be or should be, but Before I totally get there I want to discuss some of the other side as well. It seems that some network security practices could be comparative to how forum trolls are handled, the current methods don't work so well. For instance if john the janitor finds the network admins passwords in the trash and tries to bring it up to management and gets fired for it.