1. Kernel Vulnerabilities
2. Server Program and CGI Vulnerabilities
3. Common Steps For Handling Previous Vulnerabilities
- Identify the vulnerability and plan the modification beforehand.
- Back up the system and make sure it can be restored.
- It is suggested to run a simulation beforehand in a similar environment, for example using a virtual machine.
- Finally, perform the modification. For beginners, the usual step is to update the system to the latest version; after this, experts tend to make manual modifications. It is suggested to leave explanations on the modified parts, for example a comment in a configuration script stating what the modification is and when it was made.
If the steps above are not taken, there is a risk of having to rebuild the system from scratch, since a modification may break the system.
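The steps above applied to a single configuration file, as an added example that is not part of the original page: back up and verify the backup, make the change with a dated comment, check the result, and restore the backup if the check fails. The helper `change_setting`, the `demo` function, the one "KEY VALUE" per line file format and the sample file contents are assumptions constructed for illustration.

```shell
#!/bin/sh
# change_setting FILE KEY VALUE REASON [VALIDATOR]   (hypothetical helper)
# Assumes one "KEY VALUE" setting per line. VALIDATOR is run as: VALIDATOR FILE
# and a non-zero exit rejects the change. Prints the backup path on success;
# returns 2 after restoring the backup when the change is rejected.
change_setting() {
    file=$1; key=$2; value=$3; reason=$4; validator=${5:-true}
    today=$(date +%Y-%m-%d)

    # Back up first and prove the copy is byte-identical, i.e. restorable.
    backup=$(mktemp "$file.bak.XXXXXX") || return 1
    cp -p "$file" "$backup" || return 1
    cmp -s "$file" "$backup" || return 1

    # Replace the setting; leave a comment saying what changed and when.
    tmp=$(mktemp) || return 1
    awk -v k="$key" -v v="$value" -v r="$reason" -v d="$today" '
        $1 == k { print "# " d ": " r " (was: " $0 ")"; print k " " v
                  changed = 1; next }
        { print }
        END { if (!changed) { print "# " d ": " r " (added)"; print k " " v } }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    cat "$tmp" > "$file"    # overwrite in place to keep owner and mode
    rm -f "$tmp"

    # Check the result; roll back to the backup if the check fails.
    if ! $validator "$file"; then
        cat "$backup" > "$file"
        return 2
    fi
    printf '%s\n' "$backup"
}

# Demo on a constructed config in a scratch directory, standing in for the
# "similar environment" used to rehearse the change.
demo() {
    dir=$(mktemp -d) || return 1
    printf 'Port 22\nPermitRootLogin yes\n' > "$dir/sample.conf"
    change_setting "$dir/sample.conf" PermitRootLogin no \
        "disable direct root login" "test -s" >/dev/null || return 1
    cat "$dir/sample.conf"
    rm -rf "$dir"
}
demo
```

On a real service the validator argument would be that service's own configuration check rather than `test -s`.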
4. Some of My Comments and Experiences
My comment is that an information security policy has become necessary in the era in which we live now. From my first experience working at a corporation called Toshiba Tec, information is very crucial. Leaking just a bit of information outside the company can greatly damage both its image and its income. There is information that is highly classified, which only the top management is authorized to access. Information can be in physical form (paper, for example), but today it is mostly in electronic form (word processor, spreadsheet, image, video), so the use of hard drives on the company's private computers is forbidden. With today's technology it is not unusual for the access and exchange of electronic information to rely on computer networks.
In my company, those in the information system division are responsible for handling the technology of electronic exchange and, at the same time, the privacy of the exchange, so that information does not leak outside the company. They created a set of information security rules that was approved by the top management of the company (a policy was created). To defend against outside threats, a firewall, an intrusion detection system, and antivirus were implemented. The networks were also strictly configured as to who has the authentication to access them. The division is also responsible for protecting from the inside, whether to prevent information leakage or to prevent information damage. The policy states that employees are forbidden to use outside electronic devices to connect to the network. Strict monitoring is installed on the IT infrastructure to record the time and the person who accesses the information. The division is also responsible for socializing the information security policy, especially what both employers and employees are allowed and not allowed to do.