
m



 

(Internal Audit) 


(Internal Control) 
Proactive 
 
! 
"#!
$ $#!%
 


& '
 

6 
  6
 6
  ] 

 #m 
 


()
"* ( 


#! (Risk Assessment) +,!
&
#!
% -'.
 
'
Microsoft /
 $

m)"'*%&
UNIX 
SUN, HP ) IBM (SUN Solaris, HP/UX 
IBM AIX 

m) %'0

! 


0(
0
 
0


 m0#! 

%! / 1m

6 
  6
 6
  ] 
m (

)$m ' 
&
UNIX/Linux , !

 '
! m2! #! $1m

/, %' )'#!UNIX/ Linux #!
  # -' 1'1m
1 )
/- m
"Hardening"

6 
  6
 6
  ] 
%' )'&
UNIX/ Linux #!
2
(
3
SANS Top
20 20041m%' )' UNIX/
Linux 1( )m10 #
 #m
m ' 1#(

$ 6 

    !   


)$.")
%' )'
BIND ' 

"Berkeley Internet Name
Domain" DNS Server #!#4-%

#!m'*#%' )' -'


%' '
%'%' )'#!
)BIND
Service 1'

/
DNS 'm
.")



)#!' %
! 
 $*(1'

/
/, 1m'

.")
)"'#!1'


$ 6 

    !   


0#
.")

1. 
.")
# !

' #
! m
 * 
%
BIND )1% DNS
Server  !2
BIND 
m%' )' -'

2. 
5mService BIND Daemon ) named
*
#!m#6#1#! '1m%
DNS
Server
3. 
m ( Patch )BIND 
!

( #
! 
# 2%' )' 
BIND
4. 
7 

"Zone Transfer" 

/
( '
1m18$"named.conf"

6 ] 




)$.")
%' )'
Web Server #!% UNIX/Linux '
)"'Apache Web Server 


'PHP Module,
OpenSSL Module MySQL RDBMS
%' )'#!2
* 
m( 
Web Server 
'
m
)m('

Default) 
)9 $

/


1m)
1'1m#! '
m

)m
'

6 ] 


0#
7 
1. m( Patch '
m)Web Server
Modules !:#!

'Web
Server
2. 5m8. $%!) 
#!1'
 %
3. %
Modules m
Security %'
mod_security 
www.modsecurity.org
+,! 

/7 Cross Site Scripting
(XSS) SQL Injection

! 6 6  

 


)$.")
%' )'

%Password '
: '
1'
m )) 
/-

'
50% 
 



9 $ 100%#!/-,/1
)
UNIX/Linux Server 
! user 

1'#password ) 1'*username 
password '
m#
)
9 $

/

1m '

'
m


! 6 6  

 

0#
.")

1. ( password )#


++ 
'


mm
#
 ;
1'!
'
8 ;
2. *password 18$#!#

)m
Hashing Algorithms #!#
 * '
3. 

)
Login 
%'
1m
%'
%SSL Protocol (https)
Web Server 

6" 

 


)$.")
%' )'
CVS ) Concurrent Versions System 
CVS #!
 %

Source Code  
Open Source '*
' )m%' )')User Anonymous 


1m #.")
heap-based
buffer overflow 9 $

/ Exploit

-' 
1m
(9 $


1 Source Code 2! <. Backdoor
) Trojan Program ' < 

 

)

6" 

 


0#
.")

1. % CVS Software Version '


m
'
(m

/Download Source
Code

c 6 
 

)$.")
%' )'
 *$$) Email 
#(
"#!

m1'1m1
#!
"
-' Email * Mail
Transport Agents (MTA) sendmail 
MTA #%' )'
#!m m),! 

) qmail postfix #
;


 m)MTA  '
m##%'
)'2# * ! # sendmail

c 6 
 

0#
.")

1. /
1'1m%MTA *)5m
MTA
Service
2. m( Patch '
m)MTA 
3. 



m

 m
web site MTA ''


66  

)$.")
%' )'
m4
- )
 '
#1! '1m
, /, !

 m ( '
SNMP community string
'
default m
)m "public" 
"private" 
)m%' )'#
! #!/-9
 $ "Scan SNMP" 

4'

Port UDP 161
! 9 $


m%SNMP community
string m '
9 $


1 '

Configuration '
:Router Switching 1m
 m' - -'
: '
 


 -Routing Table #!* -' Router 


66  

0#
.")

1. 1'5m%SNMP Service m1'




2. % SNMP Version 3
 m'
% SNMP
Version 1) Version 2
3. 

 SNMP m
5mPort
UDP 161 UDP 162#!Router ) 
Switching m%Access List ) 
Firewall Rules

6

)$.")
%' )'
OpenSSL /-

%

Encryption
Tunnel )
)

1''

Web Server (http), Email (POP3, IMAP,
SMTP) LDAP 2
! 
)9 $1'


/m - 
1m '
:'
OpenSSL *#m ' ! 
%' )'
OpenSSL Module  m=2

Version ' 0.9.7c

6

0#
.")

1. )upgrade OpenSSL Version


)''
m) 
'
version 0.9.7c
) 0.9.6l
2. %ipfilter ) netfilter 7 
- Host-Based Firewall

6  
 

)$.")
%' )'
Network File System (NFS) 
Network Information Service (NIS) 

(Services) #!m
UNIX/Linux
Distribution m=2

! 
SUN #!%&
SUN Solaris
.")
* NFS/NIS #!
% -'(#%'
)'#!9 $

/

-'
UNIX/Linux 
1m/

1'm(

NFS/NIS '
m

6  
 

0#
.")

1. /
1'
 %
NFS/NIS )5m

#
2. 18$Configuration /etc/exports NFS
( '
'
m
%TCP Wrapper ) 
iptables/netfilter 
5m

)
Host #!1'
 %
NFS/NIS

6 
  
] 

)$.")
%' )'
'
/, 3
 -.#(/ 
)
"))
%'
ERP, SCM ) CRM 3
 -
#! 

%' )') #%' )'
 #!m'
#!11m3
 -#!
%UNIX/Linux 1m'Oracle, IBM
DB2, MySQL PostgreSQL m9 $


/


' 3
 -m' 

Port 3
 -'

6 
  
] 
0#
.")

1. 

m( Patch '
m)
3
 - 
'
!

2. #!'
m
)m(default) '
:
#!
3
 - m( ( 
m=2
default username 
password  #!#

$ 6

)$.")
%' )'
Kernel / '
"#!m
&
' ( #!Kernel  
m%' )'! 
#2
)9
 $= 
 #!
 1'1mUpdate
Kernel 

-' 
m
%'
)'#!Kernel

$ 6
0#
.")

1. 

"Tune" Kernel )#/#
2
Update Kernel Patch '
m)
&

2. 5m
#!1'
2! 1')9 $

%' )'

)'
(


 ##),!
3. m
 '

%' )' Kernel -'
 m2! #!5m%' )'1m' #
