Chapter 17. Plugging Security Holes

In This Chapter

  • Determining which vulnerabilities to address first

  • Patching your systems

  • Looking at security in a new light

After you complete your tests, it's time to head down the road to greater security. You've found some security vulnerabilities — hopefully not too many serious ones, though! These security holes must be plugged before a hacker exploits them. This is going to require rolling up your sleeves and using a little elbow grease to make things happen. First, you need to come up with your game plan and decide which security vulnerabilities to address first. A few patches may be in order, and possibly even some system hardening. This may be a time to reevaluate your network design and security infrastructure as well. I touch on some of the critical areas in this chapter. You may also want to refer to the fine book Network Security For Dummies by Chey Cobb (Wiley Publishing, Inc.). Chey does a great job of covering each of these topics in depth.

Turning Your Reports into Action

It may seem like it should be obvious which security vulnerabilities to address first, but it's often not that black and white. When you're reviewing the vulnerabilities you found, you should consider the following variables:

  • Whether the vulnerability can be fixed

  • How critical the vulnerable system is

  • Whether you can take the system offline to fix the problem

  • How easy the vulnerability is to fix

  • Costs involved in purchasing new hardware or software to plug the holes

In ...

Get Hacking For Dummies®, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.