ABSTRACT
Do you know what is connected to your LAN? Self-propagating worms such as Slammer and MSBlaster
make the presence of unmanaged or rogue systems a major security threat. Many organizations hit by
Slammer and Blaster were infected by external systems that were brought in and attached to their internal
network, and the intensity of the attack was amplified by unmanaged (and unpatched) systems on
internal local area networks (LANs). This chapter provides guidance for operations, support, and
security personnel on how to managing common types of unmanaged systems, including systems that
are known to the organization and those that are not. The text assumes the reader already has a standard
process (and associated technology) for managing the majority of their systems and is looking for
guidance with systems that are not or cannot be subject to the standard process. This chapter is a
collection of both process and technology practices from the authors’ experiences and is, to the best
extent possible, vendor and industry neutral.