What is JacketFlap

  • JacketFlap connects you to the work of more than 200,000 authors, illustrators, publishers and other creators of books for Children and Young Adults. The site is updated daily with information about every book, author, illustrator, and publisher in the children's / young adult book industry. Members include published authors and illustrators, librarians, agents, editors, publicists, booksellers, publishers and fans.
    Join now (it's free).

Sort Blog Posts

Sort Posts by:

  • in
    from   

Suggest a Blog

Enter a Blog's Feed URL below and click Submit:

Most Commented Posts

In the past 7 days

Recent Posts

(tagged with 'network attacks')

Recent Comments

Recently Viewed

JacketFlap Sponsors

Spread the word about books.
Put this Widget on your blog!
  • Powered by JacketFlap.com

Are you a book Publisher?
Learn about Widgets now!

Advertise on JacketFlap

MyJacketFlap Blogs

  • Login or Register for free to create your own customized page of blog posts from your favorite blogs. You can also add blogs by clicking the "Add to MyJacketFlap" links next to the blog name in each post.

Blog Posts by Tag

In the past 7 days

Blog Posts by Date

Click days in this calendar to see posts by day or month
<<June 2024>>
SuMoTuWeThFrSa
      01
02030405060708
09101112131415
16171819202122
23242526272829
30      

Writer Blogs

Agent Blogs

Publisher Blogs

Editor Blogs

Librarian Blogs

Bookseller Blogs

Reviews Blogs

Illustrator Blogs

News Blogs

Industry Blogs

new posts in all blogs
Viewing: Blog Posts Tagged with: network attacks, Most Recent at Top [Help]
Results 1 - 2 of 2
1. Third and final installment on How to Survive a Network Attack
Blog Icon
0 Comments | Next
By: Alice, on 4/17/2009
Blog: It's All Good (Login to Add to MyJacketFlap)
JacketFlap tags:  network attacks, alice, security, Add a tag

It's been a crazy week here at OCLC. Lots of good stuff in the works. I have been joking that the whole company will exhale a collective sigh of relief when all the planned spring and summer upgrades/enhancements/releases finally go through.

I spent an extended holiday weekend last weekend in my hometown of Alva, Oklahoma visiting as many family members as possible. Where else do you find a baby calf, a rabbit, a dog, 2 kittens and an indeterminate amount of chickens in the same backyard? I love it!

I was recently reminded that I hadn't give you the final installment in the IAG occasional series on "How to Survive a Network Attack" for small and medium-sized libraries. If you have IT people who specialize in security, rock on. If not, maybe these tips will help. This is the third chunk.
Find the previous two chunks are here:

Reduce the likelihood of an attack.
Have visibility into the problem.



Determine what you’re up against.
In the middle of a problem, it can be easy to jump to conclusions that will lead you astray.

* Is there really an attack going on, or is there another cause, such as a misconfiguration, equipment failure or power outage?
* Is your network the target of an attack, or is it the source?
* Is your network the target of an attack directed specifically at your organization, or are you caught up in a larger issue?
* Is the apparent intent of the attack to cause a service interruption, or are interruptions the side effect of a different type of attack?

Be able to block.
* Choke points in your network: Identify in advance the most efficient places in your network to perform filtering. A good place to look is Access Control Lists on the router that connects your network to the Internet.
* Quality of Service (QoS) controls: Even better than being able to block is to be able to control the amount of resources devoted to different types of traffic. With QoS controls configured in your network, you may be able to throttle the bad traffic while ensuring that there are enough resources devoted to critical services.
* Maintain a relationship with your Internet Service Provider: By the time traffic reaches your network it may be too late, and it may be more than it can handle.

Above all, don’t panic.

###

My take is that there are people who make their living providing security for online services. And lucky for libraries, there are data streams that are much more prone to attacks, too. I know we all love our MARC XML (sent through RESTful queries, no doubt) but banks and health care providers deal with data that is every bit as sensitive (I would argue much more so) than library data.

So if we take some pro-active steps, we will probably survive a network attack just fine and even live to tell the tale.

0 Comments on Third and final installment on How to Survive a Network Attack as of 4/17/2009 8:11:00 PM
Add a Comment
More from this Blog | Email This | Add a Tag
2. Warm up for Code4Lib
Blog Icon
0 Comments | Previous | Top |
By: Alice, on 2/20/2009
Blog: It's All Good (Login to Add to MyJacketFlap)
JacketFlap tags:  Code4Lib, c4l09, oclc developer network, oclc grid services, network attacks, oclc boot camp, Add a tag

A few of us are gearing up for Code4Lib 2009 in Providence, RI next week. Very fun. I am going to be at the OCLC Grid Services Boot Camp, to learn, take photos and I hope take a few videos as well. Promises to be a good time, given the list of attendees. Wish I could stay for the whole conference, but someone has to mind the store (as they say).

As a techhead warm-up and the start of a continuing series of somewhat random but helpful tidbits, I was chatting with one of the security officers at OCLC and he compiled a list of tips for surviving a network attack. I'll give these to you in bite-sized pieces.

Here's the first one:

Reduce the likelihood of an attack.

Like campers who tie their food up in trees to keep bears away, you’ll want to make sure you don’t have any enticing tidbits for Internet attackers.

Here are a few key findings to look out for:

* Unpatched systems: Attackers wanting an easy target will look for systems that are behind in updates.
* Open web proxies: Misconfigured proxies can attract a lot of traffic because they may allow remote users to get around firewall restrictions or to get unauthorized free access to resources.
* Cross-site scripting vulnerabilities: Cross-site scripting (XSS) is a type of web application vulnerability where an attacker can use your web pages to attack other users.

Stay a step ahead of the attackers and identify these and other weaknesses in your systems with a vulnerability scanner like Nessus. Nessus is a very powerful and potentially dangerous tool, so make sure that you have the proper authorization, that you have familiarized yourself with how it works, and that you choose your targets carefully.

0 Comments on Warm up for Code4Lib as of 1/1/1900
Add a Comment
More from this Blog | Email This | Add a Tag