The Art of Network Detective Work

Network detection is true crime scene investigation, and the best network detectives must be every bit as careful as cops. The following steps will help you to improve security in your networks:

Persistent Preparation

first-step-in-being-network-detectiveThe first step in successful detective work is to amass a detailed knowledge of your network, its safeguards and its vulnerabilities. The quicker you catch a crime, the less damage the criminal can do. So, figure out what kinds of attacks are most likely. Know what your network’s standard quality of service, traffic flow, and CPU levels are; if any of these factors change suddenly, there’s a good chance you’re being attacked.

Also know what kind of information your monitoring tools are likely to pick up in the event of a crime, as well as who key witnesses are. Make sure your network diagrams are accurate and easy to understand, as these are essential to quickly identifying the perpetrator.

Selecting Suspects

After you become aware of a crime, carefully assess your information and interview witnesses to identify the most likely suspects. Always let the evidence guide your search; never assume someone is a suspect based on intuition.

Quality Questions

Then, once you have a list of suspects, prepare questions to ask them. Taking into account any motives and methods they might have as well as their likely alibis. Try to anticipate how an innocent person’s answers would differ from asking-questions-evidence-already-have-attacker-cover-tracksthose of a guilty person. While asking questions, be careful not to give away the evidence you already have, as this will allow the attacker to cover his or her tracks.

Review and Reinforce

Once you’ve identified the guilty party, look back over your methods and find ways to improve them in the future. The first place to look is the attack itself: what kind of crime was committed, and how might you better protect your network from such a crime in the future. Then examine your response methods, identify any inefficiencies, and improve them for future investigations. If the witnesses you interviewed were uncooperative or didn’t know enough to be helpful, for example, consider how you might select better witnesses and encourage them to be more cooperative.

Summary
The Art of Network Detective Work - RackSolutions
Article Name
The Art of Network Detective Work - RackSolutions
Description
Network detection is true crime scene investigation, and the best network detectives must be every bit as careful as cops. The following steps will help you to improve security in your networks.
Author
Publisher Name
RackSolutions
Publisher Logo

Related posts:

  1. Virtual Data Centers: Gaining Major Momentum
  2. Extreme Network Releases Black Diamond X8 Switch
  3. Tesla’s Powerwall Battery Looks Like Game Changer for Data Centers