iseng iseng buat design baju

Syria Chemical weapons most painful Deaths Please Share This

I don't Have Word For Describe this Video 

Please Share As It Is Possible 

amazing human beatbox

AMAZING !!!

Transformers 4 Hadirkan Robot Dinosaurus

Los Angeles : Salah satu sosok produser untuk film 'Transformers 4', Lorenzo di Bonaventura baru-baru ini memberikan komentar dan berbagai informasi mengenai film terbaru yang disutradarai oleh Michael Bay itu. Ternyata, banyak hal-hal baru yang belum pernah ada di dalam film sebelumnya.

"Saya tidak bisa mengumumkan secara spesifik, namun Anda bisa yakin bahwa bergabungnya Dinobots akan memberi antusiasme baru bagi penonton. Sebagai tambahan untuk Optimus Prime, Bumblebee, dan kemunculan peran lama yang sudah diubah, kini mobil yang paling menarik dan terkeren di dunia akan muncul dalam film, termasuk buatan China, baik kalau Anda seorang penggila mobil, Anda akan memanjakan mata Anda dan terkejut oleh mereka," ungkap sang produser antusias.Dilansir dari Beijing News melalui Comic Book Movie(1 September 2013), salah satu hal barunya adalah dimasukkannya konsep Dinobots ke dalam film. Dinobots sendiri merupakan robot dinosaurus yang juga muncul di serial animasi televisinya sejak dahulu.

Selain itu, sang produser juga menyatakan bahwa mereka akan menampilkan seluruh adegan yang diambil di China secara internasional. Ia juga agak menyayangkan hasil film 'Iron Man 3' dimana adegan yang ada di China tidak ditayangkan secara internasional, melainkan hanya ada di dalam versi China.

Lokasi syuting Transformers 4 saat berada di China, mengambil Beijing dan Hong Kong sebagai tujuan utamanya. Selain itu, para pembuat film juga masih mengincar tempat-tempat lainnya.

Diketahui juga, terdapat kabar bahwa judul tambahan yang menyertai Transformers 4 sudah dibocorkan. Akan tetapi, masih terdapat 3 judul yang masih dalam tahap perundingan. 'Transformers: Last Stand', 'Transformers: Apocalypse', dan 'Transformers: Future Cast' adalah ketiga pilihan judul tersebut.

Karya arahan sutradara Michael Bay ini juga menampilkan kembali suara Peter Cullen sebagai Optimus Prime dan aktor Glenn Morshower sebagai Jenderal Morshower. Diketahui, karakter penjahat utama dalam film ini adalah sosok bernama Harold Attinger yang diperankan oleh Kelsey Grammer.

Dibantu oleh penulis naskah Ehren Kruger, Transformers 4 yang diperankan oleh Jack Reynor, Nicola Peltz, dan Mark Wahlberg itu, kini sedang dalam proses pembuatan dan dipastikan bisa tayang pada 27 Juni 2014 mendatang

WELCOME HOME RICARDO KAKA

TOPIK #AC Milan #Ricardo Kaka

Ricardo Kaka (dailymail.co.uk)

Liputan6.com, Milan : Setelah empat musim, Ricardo Kaka akhirnya kembali ke AC Milan, Senin (1/9/13). Gelandang asal Brasil tersebut didapat Milan dari Real Madrid secara gratis. Padahal, saat dijual ke Madrid pada 2009, Milan membanderol pemain berusia 31 tahun itu seharga 68,5 juta euro.

Selama dua musim nanti, Kaka akan bermitra dengan striker Mario Balotelli. Pemain terbaik dunia 2007 versi FIFA itu yakin bisa membantu Balotelli dalam urusan mencetak gol seperti yang pernah ia lakukan dengan Filippo Inzaghi antara 2003-2009.Kaka dikontrak Milan hingga Juni 2015. Bersama Rossoneri, ia akan mendapat gaji sebesar 4 juta euro per musim. Jumlah ini menurun jauh dari 10 juta Euro yang didapatnya di Madrid.
"Mario adalah pemain hebat dan saya ingin melakukannya dengan baik bersama dia. Saya harap saya bisa lakukan dengan dia seperti apa yang dulu saya lakukan bersama Filippo Inzaghi," kata Kaka seperti dimuat laman resmi Milan dan dilansir Soccerway.
"Empat tahun telah berlalu dan sekarang saya kembali. Selama dua pekan saya berpikir jika saya bisa kembali, kembali ke Milan akan ideal bagi saya. Dalam beberapa hari terakhir, saya telah memimpikan mendengar para fans menyanyikan nama saya di San Siro lagi," tambahnya.
Bersama Inzaghi, Kaka membawa Milan melaih sejumlah trofi, di antaranya Serie A: 2003–2004, Supercoppa Italiana: 2004, Liga Champions 2002-2003, Piala Super Eropa 2003, serta FIFA Club World Cup 2007.
Kaka memutuskan meninggalkan Madrid karena ingin mendapatkan tempat di skuat Timnas Brasil untuk Piala Dunia 2014. "Saya memiliki banyak keinginan untuk bermain dan itu adalah tahun yang sangat penting bagi saya karena untuk Piala Dunia," ujarnya. "Saat ini saya hanya ingin melakukannya dengan baik untuk Milan, tim saya.

Sejarah al capone

NEW YORK, musim dingin 1899. Salju jatuh dan membuat kawasan Brooklyn Borough seputih kapas. Orang malas keluar. Jalanan menyepi.

Didera oleh suhu yang menggigit tulang, pasangan Gabriele dan Teresina Capone tengah berharap-harap cemas menanti kelahiran anak ke-4 mereka.

Tak banyak yang diketahui orang perihal detik-detik kelahiran bayi laki-laki yang kemudian diberi nama Alphonse Gabriel Capone itu. Tapi sejarah mencatat, kemunculan Alphonse pada 17 Januari 1899 bagaikan api yang menghangatkan rumah Keluarga Capone.

Gabriele adalah seorang tukang cukur dari Castellammare di Stabia, sebuah kota sekitar 16 mil (24 km) selatan Napoli, Italia. Teresina, putri Raiola Angelo Angri, adalah penjahit di sebuah kota di Provinsi Salerno. Menurut sumber tulisan ini, Wikipedia, keluarga Capone memiliki delapan (dari sembilan) anak:

1. James Capone (1892 – 1 Oktober 1952)
2. Raffaele Capone (12 Januari 1894 – 22 November 1974)
3. Salvatore “Frank” Capone (Januari 1895 – 1 April 1924)
4. Alphonse “Scarface Al” Capone (17 Januari 1899 – 25 Januari 1947)
5. John Capone (1901 – 1994)
6. Albert Capone (1906 – Juni 1980)
7. Matius Capone (1908 – 31 Januari 1967)
8. Rose Capone (lahir dan meninggal 1910)
9. Mafalda Capone (kemudian Mrs John J. Maritote, 28 Januari 1912 – 25 Maret 1988)

Anak-anak Keluarga Capone itu dibesarkan dalam latar belakang agama yang kuat. Ibu mereka adalah seorang penganut Katolik Roma yang taat.

Keluarga Capone berimigrasi ke Amerika Serikat pada 1893 dan menetap di Navy Street 95, di dekat Galangan Angkatan Laut bagian Brooklyn.

Ketika Al berusia 11 tahun, Keluarga Capone hijrah lagi ke Garfield Place, Park Slope, Brooklyn.

Menjalani masa kanak-kanak dengan keras, Capone drop out dari sekolah Umum New York pada usia 14 tahun, setelah diusir dari Public School.

Dia kemudian bekerja di pekerjaan sambilan di Brooklyn, termasuk di toko permen dan sebuah tempat boling. Di situlah Capone dekat dengan gangster Johnny Torrio, yang kelak dianggapnya sebagai mentor.

Setelah tugas awal kecil-kecilan dengan beberapa geng, termasuk The Junior, Capone bergabung Rippers Brooklyn yang kelak lebih dikenal dengan julukan Gang Five Points. Di situ dia dibimbing dan dipekerjakan oleh pemeras bernama Frankie Yale.

Gang Five Points dikenal sebagai kelompok yang keras dan tak pandang bulu. Dalam salah satu aksi mereka, Capone terluka di wajahnya, membuatnya dijuluki “Scarface”.

Pada 30 Desember 1918, Capone menikah dengan Mae Josephine Coughlin yang memberinya seorang anak bernama Albert Francis (“Sonny”) Capone.

Setelah itu, Capone berangkat New York untuk Chicago, tanpa istri dan anaknya. Capone membeli sebuah rumah sederhana di Prairie Ave pada 1923 dengan harga USD $ 5.500.

Datang atas undangan Johnny Torrio sang penguasa Chicago, Capone sempat bentrok dengan Gang Tangan Hitam. Semua anggota kelompok ini dibantainya.

Aparat keamanan Chicago pun memburunya. Capone menjadi tersangka dua kasus pembunuhan dan pemerkosaan, dan terpaksa lari mencari tempat yang aman dan pekerjaan yang lebih baik untuk keluarganya.

Chicago 1923. Terjadi reformasi besar-besaran. Wali Kota William Emmett Dever mulai menekan para gangster. Capone terpaksa memindahkan kantor pusatnya di luar jangkauan polisi dan menciptakan zona aman untuk operasinya ke Cicero, Illinois.

Capone mengambil alih kekuasaan mafia Cicero pada 1924. Gangster Cicero di bawah pimpinan Myles O’Donnell dan saudaranya William “Klondike” O’Donnell sempat bertempur melawan anak buah Capone. Tapi kalah. Perebutan wilayah ini menyebabkan kematian lebih dari 200 orang, termasuk yang terkenal “Hanging Jaksa Penuntut” Bill McSwiggins.

Pada 1924, pemilihan dewan kota di Cicero pun kelak dikenal sebagai salah satu pemilu yang paling bengkok di daerah Chicago. Para pemilih diancam para preman di beberapa TPS. Calon wali kota yang disokong Capone pun akhirnya menang dengan margin suara besar.

Capone dan wali kota boneka secara berani menguasai Balai Kota. Mereka seperti ingin memberikan pernyataan yang kuat bahwa kekuasaan mereka merupakan kemenangan besar bagi aliansi Torrio-Capone.

Sayang, kemenangan itu dirusak oleh kematian saudaranya, Frank, di tangan polisi. Capone melolong di pemakaman saudaranya dan memerintahkan penutupan semua klub di Cicero untuk satu hari sebagai tanda hormat.

Capone terkenal selama Era Pelarangan. Dia mengendalikan sebagian besar Chicago dari bawah tanah dengan pendapatan kotor diperkirakan mencapai US $ 100 juta per tahun.

Kekayaan ini dihasilkan melalui segala macam usaha ilegal, seperti perjudian dan prostitusi, meskipun penghasil uang terbesar adalah penjualan minuman keras. Ada kisah yang menyebutkan bahwa Capone memiliki kebiasaan “mewawancarai” pelacur baru bagi klubnya sendiri.

Roda waktu berputar. Capone makin menggurita ketika membuka bisnis minuman keras yang ketika itu dilarang oleh pemerintah negara bagian setempat.

Melonjaknya permintaan minuman keras dipenuhi oleh jaringan transportasi yang diselundupkan dari Pantai Timur dan The Purple Gang di Detroit, serta pasokan lokal berupa pabrik bir ilegal.

Dengan dana yang dihasilkan oleh operasi penyelundupan, cengkeraman Capone pada politik dan instansi penegak hukum di Chicago pun tumbuh lebih kuat. Dan semakin kuat.

Melalui korupsi yang terorganisasi inilah, termasuk menyuap Walikota Chicago, William “Big Bill” Hale Thompson, operasi geng Capone bebas dari gangguan hamba hukum.

Capone bebas menikmati gaya hidup mewah. Ia mengisap cerutu kelas satu. Makanan lezat dan minuman pilihan. Favoritnya Templeton Rye yang dikirim khusus dari Iowa. Ia juga mengoleksi perhiasan dan teman wanita.

Perhatian media massa pun tersedot oleh karisma dan uangnya. Di depan wartawan yang mencegatnya, Capone selalu merendah, “Aku hanya seorang pengusaha, orang-orang yang memberikan apa yang mereka inginkan dan yang saya lakukan adalah memuaskan permintaan publik.”

Capone menjadi seorang pesohor. Juga sasaran tembak. Kekerasan demi kekerasan harus dia hadapi setiap saat. Rival-rivalnya selalu menginginkan balas dendam. Mereka yang usahanya terpaksa gulung tikar oleh Capone termasuk kelompok gangster Hymi Weiss dan Bugs Moran. Lebih dari sekali, mobil Capone disiram peluru. Tapi dia selalu lolos.

Cuaca di atas Al Capone baru berubah ketika pada 1929 muncul seorang penyidik yang gigih, Eliot Ness. Dengan tekun Ness menginvestigasi jejak kejahatan Capone dan bisnisnya. Dia menutup banyak tempat pembuatan bir dan sarang penyelundupan Capone. Pendeknya, Ness adalah mimpi buruk bagi Capone.

Berkat usaha yang gigih dan tak kenal menyerah, Ness berhasil menyeret Capone ke meja hijau. Pada 1931, Capone didakwa atas penggelapan pajak dan berbagai pelanggaran terhadap Undang-Undang Volstead.

Setelah sidang yang panjang, Capone dinyatakan terbukti bersalah mengemplang pajak dan melanggar Undang-Undang Volstead. Hakim memvonis Capone hukuman sebelas tahun penjara dan denda sejumlah uang. Capone melawan dan mencoba naik banding. Tapi ditolak.

Pada Mei 1932, Capone dikirim ke Atlanta US Lembaga Pemasyarakatan, penjara federal yang tangguh, tapi ia mampu memperoleh hak-hak istimewa. Ia kemudian dipindahkan ke Alcatraz yang sangat ketat dan tanpa kompromi.

Capone dibebaskan bersyarat pada tanggal 16 November 1939, menghabiskan waktu singkat di rumah sakit, lalu kembali ke rumahnya di Pulau Palm, Florida, hingga ajal menjemputnya pada 25 Januari 1947

SUMBER : http://deicapone.blogspot.com/2010/01/sejarah-al-capone.html

cara mempercepat koneksi speed bandwith warnet atau hostpot

Membuka browser Mozilla firefox kamu terserah itu yang modelnya kayak apa tapi diusahakan yang versi terbaru..

Pada addres bar ketikkan about:config Lalu akan muncil gambar seperti di bawah ini > Klik I’ll be careful, I promise

Cari string di bawah ini ( pastikan semua string di set ke ”true”) contoh penggantiannyaNetwork.http.pipelining false > klik kanan dan pilih “toggle” .

Network.http.pipelining true

Network.http.pipelining.maxreguests 64

Network.http.proxy.pipelining true

Network.proxy.share_proxy_setting false ( yang ini biarkan tetap false )

Lalu buat string baru, caranya klik kiri satu kali di mana saja,
klik kanan>new>integer.

Ketikkan nglayout.initialpaint.delay dan beri nilai 0

Kemudian refresh ato tekan F5

Pada addres bar ketikkan about:blank

NEW UPDATE FAST FIREFOX

Ganti kode:

browser.tabs.showSingleWindowModePrefs = true
network.http.max-connections = 64
network.http.max-connections-per-server = 20
network.http.max-persistent-connections-per-proxy = 10
network.http.max-persistent-connections-per-server = 4
network.http.pipelining = true
network.http.pipelining.maxrequests = 100
network.http.proxy.pipelining = true
network.http.request.max-start-delay = 0
network.http.request.timeout = 300
nglayout.initialpaint.delay = 0
network.dns.disableIPv6 = true
Restart mozilla.

Sekarang bisa kalian bedakan speednya kan hehe Sebagai catatan ada beberapa settingan tambahan lagi yang dapat diubah tapi tidak begitu penting cuma bersifat optional atau pilihan saja

Untuk Cable DSL

Ganti kode:

network.http.pipelining = true
network.http.proxy.pipelining = true
network.http.pipelining.maxrequests = 30
nglayout.initialpaint.delay = 0″

Untuk ADSL Cable

Ganti kode:

network.http.max-connections : 64
network.http.max-connections-per-server : 21
network.http.max-persistent-connections-per-server : 8
network.http.pipelining : true
network.http.pipelining.maxrequests : 100
network.http.proxy.pipelining : true
nglayout.initialpaint.delay = 0

Untuk Dial IP (Dial Up)

Ganti kode:

browser.cache.disk_cache_ssl : true
browser.xul.error_pages.enabled : truecontent.interrupt.parsing : true

content.max.tokenizing.time : 3000000
content.maxtextrun : 8191
content.notify.backoffcount : 5
content.notify.interval : 750000
content.notify.ontimer : true
content.switch.threshold : 750000
network.http.max-connections : 32
network.http.max-connections-per-server : 8
network.http.max-persistent-connections-per-proxy : 8
network.http.max-persistent-connections-per-server : 4
network.http.pipelining : true
network.http.pipelining.maxrequests : 8
network.http.proxy.pipelining : true
nglayout.initialpaint.delay : 750
plugin.expose_full_path : true
signed.applets.codebase_principal_support : true

Oya ada catatan kecil ni,,.

Kemudian klik menu :Untuk OS windows XP : tools > options.

Untuk OS linux (vector) : edit > preference.
Untuk Setting yang berbeda di
beberapa OS edit > advanced.

Pada options allow web sites to install software beri tanda centang untuk mengaktifkan ato masuk ke
tab ADVANCE lalu pilih sub tab UPDATE kemudian centangi installed add-onslalu oke

Kemudian tekan refresh atau juga dapat tekan F5

Langkah selanjutnya adalah download program:.

Switchproxytool v 1.3.4 
Here is the link <Via Ziddu> atau 

disini <via addons Mozila> ==>untuk Mozilla Ver 3.4 Ke bawah.

Fasterfox (Gogling aja) ==>untuk Mozilla ver 3.5 Ke atas.

Next

1. Extrack file yang telah anda download tadi.2. Kemudian install file tersebut dengan cara klik kanan filenya > open > pilih select the program from a list > untuk membuka file tersebut pilih browse > cari folder Mozilla firefox di program file > lalu pili firefox.exe > lalu OKE > lalu pilih install now > untuk mengaktifkan program tersebut pilih restart firefox..

3. Dan Open lagi Mozilla anda tadi.

Oke. thats is the trick.

And the last, Semoga beruntung dan Biasanya kalau mau MENYEDOT bandwith pakai ajaDAP atau IDM. .. Kalau Perlu Yang Premium Sekalian biar tambah Cepeet…Oya ni trik aku pelajari dari temenku. N Pengalaman Pribadi juga hiiii  Klo mau serial ato Crack DAP/IDM kirim ke emailq ajah di tab Info.

nb:*

—->>SwitchProxy yang anda gunakan tadi dapat Mengganti Proxy Secara Otomatis
Di Browser Mozilla FireFox.

—->>Langkah diatas Efektif dilakukan Di Warnet atau Hotspot Yang ramai untuk
Menyedot Bandwidth ke PC atau laptop Anda.

sumber : http://bosgentongs.com/2010/02/22/cara-mencuri-atau-mempercepat-koneksi-speed-bandwith-warnet-atau-hostpot/

Network Security Policy: Best Practices White Paper

Without a security policy, the availability of your network can be compromised. The policy begins with assessing the risk to the network and building a team to respond. Continuation of the policy requires implementing a security change management practice and monitoring the network for security violations. Lastly, the review process modifies the existing policy and adapts to lessons learned.

This document is divided into three areas: preparation, prevention, and response. Let's look at each of these steps in detail.

Preparation

Prior to implementing a security policy, you must do the following:

• Create usage policy statements.
• Conduct a risk analysis.
• Establish a security team structure.

Create Usage Policy Statements

We recommend creating usage policy statements that outline users' roles and responsibilities with regard to security. You can start with a general policy that covers all network systems and data within your company. This document should provide the general user community with an understanding of the security policy, its purpose, guidelines for improving their security practices, and definitions of their security responsibilities. If your company has identified specific actions that could result in punitive or disciplinary actions against an employee, these actions and how to avoid them should be clearly articulated in this document.

The next step is to create a partner acceptable use statement to provide partners with an understanding of the information that is available to them, the expected disposition of that information, as well as the conduct of the employees of your company. You should clearly explain any specific acts that have been identified as security attacks and the punitive actions that will be taken should a security attack be detected.

Lastly, create an administrator acceptable use statement to explain the procedures for user account administration, policy enforcement, and privilege review. If your company has specific policies concerning user passwords or subsequent handling of data, clearly present those policies as well. Check the policy against the partner acceptable use and the user acceptable use policy statements to ensure uniformity. Make sure that administrator requirements listed in the acceptable use policy are reflected in training plans and performance evaluations.

Conduct a Risk Analysis

A risk analysis should identify the risks to your network, network resources, and data. This doesn't mean you should identify every possible entry point to the network, nor every possible means of attack. The intent of a risk analysis is to identify portions of your network, assign a threat rating to each portion, and apply an appropriate level of security. This helps maintain a workable balance between security and required network access.

Assign each network resource one of the following three risk levels:

• Low Risk Systems or data that if compromised (data viewed by unauthorized personnel, data corrupted, or data lost) would not disrupt the business or cause legal or financial ramifications. The targeted system or data can be easily restored and does not permit further access of other systems.
• Medium Risk Systems or data that if compromised (data viewed by unauthorized personnel, data corrupted, or data lost) would cause a moderate disruption in the business, minor legal or financial ramifications, or provide further access to other systems. The targeted system or data requires a moderate effort to restore or the restoration process is disruptive to the system.
• High Risk Systems or data that if compromised (data viewed by unauthorized personnel, data corrupted, or data lost) would cause an extreme disruption in the business, cause major legal or financial ramifications, or threaten the health and safety of a person. The targeted system or data requires significant effort to restore or the restoration process is disruptive to the business or other systems.

Assign a risk level to each of the following: core network devices, distribution network devices, access network devices, network monitoring devices (SNMP monitors and RMON probes), network security devices (RADIUS and TACACS), e-mail systems, network file servers, network print servers, network application servers (DNS and DHCP), data application servers (Oracle or other standalone applications), desktop computers, and other devices (standalone print servers and network fax machines).

Network equipment such as switches, routers, DNS servers, and DHCP servers can allow further access into the network, and are therefore either medium or high risk devices. It is also possible that corruption of this equipment could cause the network itself to collapse. Such a failure can be extremely disruptive to the business.

Once you've assigned a risk level, it's necessary to identify the types of users of that system. The five most common types of users are:

• Administrators Internal users responsible for network resources.
• Privileged Internal users with a need for greater access.
• Users Internal users with general access.
• Partners External users with a need to access some resources.
• Others External users or customers.

The identification of the risk level and the type of access required of each network system forms the basis of the following security matrix. The security matrix provides a quick reference for each system and a starting point for further security measures, such as creating an appropriate strategy for restricting access to network resources.

System	Description	Risk Level	Types of Users
ATM switches	Core network device	High	Administrators for device configuration (support staff only); All others for use as a transport
Network routers	Distribution network device	High	Administrators for device configuration (support staff only); All others for use as a transport
Closet switches	Access network device	Medium	Administrators for device configuration (support staff only); All others for use as a transport
ISDN or dial up servers	Access network device	Medium	Administrators for device configuration (support staff only); Partners and privileged users for special access
Firewall	Access network device	High	Administrators for device configuration (support staff only); All others for use as a transport
DNS and DHCP servers	Network applications	Medium	Administrators for configuration; General and privileged users for use
External e-mail server	Network application	Low	Administrators for configuration; All others for mail transport between the Internet and the internal mail server
Internal e-mail server	Network application	Medium	Administrators for configuration; All other internal users for use
Oracle database	Network application	Medium or High	Administrators for system administration; Privileged users for data updates; General users for data access; All others for partial data access

Establish a Security Team Structure

Create a cross-functional security team led by a Security Manager with participants from each of your company's operational areas. The representatives on the team should be aware of the security policy and the technical aspects of security design and implementation. Often, this requires additional training for the team members. The security team has three areas of responsibilities: policy development, practice, and response.

Policy development is focused on establishing and reviewing security policies for the company. At a minimum, review both the risk analysis and the security policy on an annual basis.

Practice is the stage during which the security team conducts the risk analysis, the approval of security change requests, reviews security alerts from both vendors and the CERT  CERT  mailing list, and turns plain language security policy requirements into specific technical implementations.

The last area of responsibility is response. While network monitoring often identifies a security violation, it is the security team members who do the actual troubleshooting and fixing of such a violation. Each security team member should know in detail the security features provided by the equipment in his or her operational area.

While we have defined the responsibilities of the team as a whole, you should define the individual roles and responsibilities of the security team members in your security policy.

Prevention

Prevention can be broken into two parts: approving security changes and monitoring security of your network.

Approving Security Changes

Security changes are defined as changes to network equipment that have a possible impact on the overall security of the network. Your security policy should identify specific security configuration requirements in non-technical terms. In other words, instead of defining a requirement as "No outside sources FTP connections will be permitted through the firewall", define the requirement as "Outside connections should not be able to retrieve files from the inside network". You'll need to define a unique set of requirements for your organization.

The security team should review the list of plain language requirements to identify specific network configuration or design issues that meet the requirements. Once the team has created the required network configuration changes to implement the security policy, you can apply these to any future configuration changes. While it's possible for the security team to review all changes, this process allows them to only review changes that pose enough risk to warrant special treatment.

We recommend that the security team review the following types of changes:

• Any change to the firewall configuration.
• Any change to access control lists (ACL).
• Any change to Simple Network Management Protocol (SNMP) configuration.
• Any change or update in software that differs from the approved software revision level list.

We also recommend adhering to the following guidelines:

• Change passwords to network devices on a routine basis.
• Restrict access to network devices to an approved list of personnel.
• Ensure that the current software revision levels of network equipment and server environments are in compliance with the security configuration requirements.

In addition to these approval guidelines, have a representative from the security team sit on the change management approval board, in order to monitor all changes that the board reviews. The security team representative can deny any change that is considered a security change until it has been approved by the security team.

Monitoring Security of Your Network

Security monitoring is similar to network monitoring, except it focuses on detecting changes in the network that indicate a security violation. The starting point for security monitoring is determining what is a violation. In Conduct a Risk Analysis, we identified the level of monitoring required based on the threat to the system. In Approving Security Changes, we identified specific threats to the network. By looking at both these parameters, we'll develop a clear picture of what you need to monitor and how often.

In the Risk Analysis matrix, the firewall is considered a high-risk network device, which indicates that you should monitor it in real time. From the Approving Security Changes section, you see that you should monitor for any changes to the firewall. This means that the SNMP polling agent should monitor such things as failed login attempts, unusual traffic, changes to the firewall, access granted to the firewall, and connections setup through the firewall.

Following this example, create a monitoring policy for each area identified in your risk analysis. We recommend monitoring low-risk equipment weekly, medium-risk equipment daily, and high-risk equipment hourly. If you require more rapid detection, monitor on a shorter time frame.

Lastly, your security policy should address how to notify the security team of security violations. Often, your network monitoring software will be the first to detect the violation. It should trigger a notification to the operations center, which in turn should notify the security team, using a pager if necessary.

Response

Response can be broken into three parts: security violations, restoration, and review.

Security Violations

When a violation is detected, the ability to protect network equipment, determine the extent of the intrusion, and recover normal operations depends on quick decisions. Having these decisions made ahead of time makes responding to an intrusion much more manageable.

The first action following the detection of an intrusion is the notification of the security team. Without a procedure in place, there will be considerable delay in getting the correct people to apply the correct response. Define a procedure in your security policy that is available 24 hours a day, 7 days a week.

Next you should define the level of authority given to the security team to make changes, and in what order the changes should be made. Possible corrective actions are:

• Implementing changes to prevent further access to the violation.
• Isolating the violated systems.
• Contacting the carrier or ISP in an attempt to trace the attack.
• Using recording devices to gather evidence.
• Disconnecting violated systems or the source of the violation.
• Contacting the police, or other government agencies.
• Shutting down violated systems.
• Restoring systems according to a prioritized list.
• Notifying internal managerial and legal personnel.

Be sure to detail any changes that can be conducted without management approval in the security policy.

Lastly, there are two reasons for collecting and maintaining information during a security attack: to determine the extent to which systems have been compromised by a security attack, and to prosecute external violations. The type of information and the manner in which you collect it differs according to your goal.

To determine the extent of the violation, do the following:

• Record the event by obtaining sniffer traces of the network, copies of log files, active user accounts, and network connections.
• Limit further compromise by disabling accounts, disconnecting network equipment from the network, and disconnecting from the Internet.
• Backup the compromised system to aid in a detailed analysis of the damage and method of attack.
• Look for other signs of compromise. Often when a system is compromised, there are other systems or accounts involved.
• Maintain and review security device log files and network monitoring log files, as they often provide clues to the method of attack.

If you're interested in taking legal action, have your legal department review the procedures for gathering evidence and involvement of the authorities. Such a review increases the effectiveness of the evidence in legal proceedings. If the violation was internal in nature, contact your Human Resources department.

Restoration

Restoration of normal network operations is the final goal of any security violation response. Define in the security policy how you conduct, secure, and make available normal backups. As each system has its own means and procedures for backing up, the security policy should act as a meta-policy, detailing for each system the security conditions that require restoration from backup. If approval is required before restoration can be done, include the process for obtaining approval as well.

Review

The review process is the final effort in creating and maintaining a security policy. There are three things you'll need to review: policy, posture, and practice.

The security policy should be a living document that adapts to an ever-changing environment. Reviewing the existing policy against known Best Practices keeps the network up to date. Also, check the CERT web site  CERT web site  for useful tips, practices, security improvements, and alerts that can be incorporated into your security policy.

You should also review the network's posture in comparison with the desired security posture. An outside firm that specializes in security can attempt to penetrate the network and test not only the posture of the network, but the security response of your organization as well. For high-availability networks, we recommend conducting such a test annually.

Finally, practice is defined as a drill or test of the support staff to insure that they have a clear understanding of what to do during a security violation. Often, this drill is unannounced by management and done in conjunction with the network posture test. This review identifies gaps in procedures and training of personnel so that corrective action can be taken.

SUMBER : CISCO