Security Basics mailing list archives
RE: "It's ok we're behind a firewall"
From: "Duane H. Hesser" <dhh () monroe net>
Date: Thu, 20 Feb 2003 20:14:42 -0800 (PST)
On 19-Feb-2003 John Brightwell wrote:
Are there any sites out there with the facts and figures about internal exploits and cautionary tales about disgruntled employees or IT savvy nighttime cleaners?
It's hard to find such information, since companies are reluctant to make it public. Here are a couple of links which might be useful: http://www.gocsi.com/press/20020407.html This is a press release by the "Computer Security Institute" which contains a few interesting statistics, and from the page you can request a free copy of their "2002 Computer Crime and Security Survey", which includes some information about percent of surveyed attacks from "inside". You might also check out the HoneyPot Project, at http://project.honeynet.org/ They provide a number of "Know Your Enemy..." papers, including "Know Your Enemy: Statistics" http://project.honeynet.org/papers/stats/ which may offer some insight into the problems a firewall might have to face, in terms of what the "blackhat" community may throw at it. My view: firewalls are necessary but not sufficient (unless you really *enjoy* forensic analysis). -- ---------------------------------- ...just be glad Microsoft doesn't make passenger airlplanes. Duane H. Hesser <dhh () monroe net> ----------------------------------
Current thread:
- "It's ok we're behind a firewall" John Brightwell (Feb 20)
- RE: "It's ok we're behind a firewall" Duane H. Hesser (Feb 22)
- Re: "It's ok we're behind a firewall" Gene Yoo (Feb 24)
- Re: "It's ok we're behind a firewall" Alessandro Bottonelli (Feb 22)
- Re: "It's ok we're behind a firewall" Chris Travers (Feb 24)
- <Possible follow-ups>
- re: "It's ok we're behind a firewall" H C (Feb 20)
- RE: "It's ok we're behind a firewall" Ben Schorr (Feb 22)
- Re: "It's ok we're behind a firewall" David Vertie (Feb 24)
- RE: "It's ok we're behind a firewall" James Liddil (Feb 24)
- RE: "It's ok we're behind a firewall" Chris Santerre (Feb 24)
- RE: "It's ok we're behind a firewall" Duane H. Hesser (Feb 22)