National Security Agency (NSA) Systems and Network Attack Center (SNAC) Security Guides Versus Known Worms

Abstract

Internet worms impact Internet security around the world even though there are many defenses to prevent the damage they inflict. The National Security Agency (NSA) Systems and Network Attack Center (SNAC) publishes in-depth configuration guides to protect networks from intrusion; however, the effectiveness of these guides in preventing the spread of worms has not been studied. This thesis establishes how well the NSA SNAC guides protect against various worms and exploits compared to Microsoft patches alone. It also identifies the aspects of the configuration guidance that are most effective, in the absence of patches and updates, against network worm and e-mail virus attacks. The results from this thesis show that the Microsoft patches and the NSA SNAC guides protect against all worms and exploits tested. The main difference is that the NSA SNAC guides protected as soon as they were applied, whereas the Microsoft patches needed to be written, distributed and applied in order to work. The NSA SNAC guides also provided protection by changing default permissions and passwords that some worms and exploits use to exploit the computer, and by removing extraneous packages that could have undiscovered exploits.

Document Details

Document Type: Technical Report
Publication Date: Mar 01, 2005
Accession Number: ADA434889

Entities

People

  • Matthew W. Sullivan

Organizations

  • Air Force Institute of Technology

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Air Force
  • Computer Network Security
  • Computer Networks
  • Computer Program Documentation
  • Computer Programming
  • Computers
  • Cybersecurity
  • Electronic Mail
  • Internet
  • Intrusion Detection Systems
  • Intrusion Detectors
  • National Security
  • Network Protocols
  • Operating Systems
  • Security
  • Security Protocols
  • Web Browsers

Fields of Study

  • Computer science

Readers

  • Cybersecurity