MS (Master of Science)
Computer and Information Science
Date of Award
Committee Chair or Co-Chairs
Phillip E. Pfeiffer IV, Steven L. Jenkins
This thesis describes challenges encountered during a year-long effort to improve the security of the 3,300 node administrative computer network at East Tennessee State University. The key remediation strategies used included employing the vulnerability scanner Nessus to profile the network, analyzing the scan results, and attempting to remove the most critical vulnerabilities found. The project succeeded in decreasing known “high” criticality vulnerabilities on campus by 26.1%, and confirmed four standard observations about the challenges of network administration:
- Vulnerability scanning is a lengthy task best performed in parallel and supported by automated data analysis.
- Securing a network is like trying to hit a moving target, due to an ever-increasing proliferation of networked hosts, services enabled by default install and lists of vulnerabilities to address.
- Failures of common sense are still among the primary threats to network security.
- Failing to retain management support for the security hardening process can jeopardize the project.
Thesis - Open Access
Simons, William R., "The Challenges of Network Security Remediation at a Regional University." (2005). Electronic Theses and Dissertations. Paper 987. http://dc.etsu.edu/etd/987
Copyright by the authors.