The Challenges of Network Security Remediation at a Regional University.

Author

William R. Simons, East Tennessee State University

Degree Name

MS (Master of Science)

Program

Computer and Information Science

Date of Award

5-2005

Committee Chair or Co-Chairs

Qing Yuan

Committee Members

Phillip E. Pfeiffer IV, Steven L. Jenkins

Abstract

This thesis describes challenges encountered during a year-long effort to improve the security of the 3,300 node administrative computer network at East Tennessee State University. The key remediation strategies used included employing the vulnerability scanner Nessus to profile the network, analyzing the scan results, and attempting to remove the most critical vulnerabilities found. The project succeeded in decreasing known “high” criticality vulnerabilities on campus by 26.1%, and confirmed four standard observations about the challenges of network administration:

• Vulnerability scanning is a lengthy task best performed in parallel and supported by automated data analysis.
• Securing a network is like trying to hit a moving target, due to an ever-increasing proliferation of networked hosts, services enabled by default install and lists of vulnerabilities to address.
• Failures of common sense are still among the primary threats to network security.
• Failing to retain management support for the security hardening process can jeopardize the project.

Document Type

Thesis - unrestricted

Recommended Citation

Simons, William R., "The Challenges of Network Security Remediation at a Regional University." (2005). Electronic Theses and Dissertations. Paper 987. https://dc.etsu.edu/etd/987

Copyright

Copyright by the authors.