Firewall Wizards mailing list archives
Re: Re: Castles and Security
From: Darren Reed <darrenr () reed wattle id au>
Date: Fri, 5 Jan 2001 18:57:00 +1100 (EST)
In some email I received from Talisker, sie wrote: [...]
> So where are the vulnerabilities in a castle? Someone mentioned spies, they can't mount a full-on attack, they need to get in using a little more stealth, disguised as a trusted person or hidden in a delivery. To me they would represent a true hacker not daunted by defence in depth. Let's also bring into the equation the insider attack and the trojan horse, both common problems in security today; again the castle analogy can introduce the concept, just as a DDOS could be likened to a siege. As for terrorism and guerilla warfare, they wouldn't attack a castle, it's too strong, but they would attack traffic to and from the castle. The castle analogy isn't perfect but it will help to get some points across in infantry English.
Actually, the method of engagement you, as an attacker, use when attacking a castle is highly dependent on the outcome you desire - much the same can be said for "hackers".

DDoS is *nothing* like a siege, unless you have very little idea about how a siege really takes place. For it to be a good analogy, it'd have to be impossible to dialout from a desktop (for example). It is too damn easy to bridge around a DDoS attack...well, it may cause some trouble for web users but who cares about them? >:-)

So why wouldn't a terrorist attack a castle? Why not get inside and put large amounts of gun powder under key vulnerabilities like the portcullis or draw bridge or under the King's chair.

Let's look at it from a different angle. What do hackers hope to achieve when they attack you?

- deface your web pages? (personal glory for them and shame for you)
- steal credit card information?
- steal confidential/proprietary information for someone else
- steal confidential/proprietary information for themselves
- to find out what's on the inside
- to 0w|\| you

and last but not least

- to wipe out your data systems (I've not heard of this happening in a looooong time, at least by design anyway).

Anything else?

Of those, only the last is what I'd think of in the same mindset as attacking a castle. Those involving just information retrieval are more akin to sending in a spy - someone goes in as a normal user but tries to get where they shouldn't be. I'm struggling to think of a good match for the "owning" scenario. Maybe they're usurping your command of your army or bribing them? Better yet, time to stop with trying to make analogies.

The point I'm making here is that you generally storm a castle as the means to take it over. I don't know that anyone has breached a firewall with the intent to take over a company (maybe I'm just being naive here) but I can imagine them doing so to find out what's going on inside. About the best you could come up with in that situation is extortion. While the defense in depth theory is good, this is bordering on cyber terrorism, not field/trench combat.

Darren