Date of Award

3-2005

Document Type

Thesis

Degree Name

Master of Science

Department

Department of Electrical and Computer Engineering

First Advisor

Rusty O. Baldwin, PhD

Abstract

Internet worms impact Internet security around the world even though there are many defenses to prevent the damage they inflict. The National Security Agency (NSA) Systems and Network Attack Center (SNAC) publishes in-depth configuration guides to protect networks from intrusion; however, the effectiveness of these guides in preventing the spread of worms hasn't been studied. This thesis establishes how well the NSA SNAC guides protect against various worms and exploits compared to Microsoft patches alone. It also identifies the aspects of the configuration guidance that are most effective, in the absence of patches and updates, against network worm and e-mail virus attacks. The results from this thesis show that the Microsoft patches and the NSA SNAC guides protect against all worms and exploits tested. The main difference is that the NSA SNAC guides protected as soon as they were applied, whereas the Microsoft patches needed to be written, distributed and applied in order to work. The NSA SNAC guides also provided protection by changing default permissions and passwords that some worms and exploits use to exploit the computer, and by removing extraneous packages that could have undiscovered exploits.

AFIT Designator

AFIT-GIA-ENG-05-07

DTIC Accession Number

ADA434889
