Firewall Wizards mailing list archives
RE: RE: In defense of non standard ports
From: "Bill Royds" <bill () royds net>
Date: Thu, 2 Feb 2006 10:26:31 -0500
-----Original Message-----
From: firewall-wizards-admin () honor icsalabs com On Behalf Of Paul D. Robertson

On Fri, 27 Jan 2006, R. DuFresne wrote:
Now to the end of the statement, do they have pull with mgt? Well, they are pulling in a far different direction the more they tend to ruffle whole departments by crying wolf <sorry, no that trojan port your nessus scan spotted means less this month than it did last month you spewed it up the mgt hill on our RACF mainframe, or sorry no your nessus skills are not truly honed if you think pcanywhere is running on that solaris box>.
But it's a long climb from "Hey, you're a computer person, here's a security hat" to "Hey, let's hire some security people." That's a big jump forward- NOW we need to direct that energy more productively. That's why I think we need to go back and start rattling firewall ruleset cages instead of looking at shiny IDS reports, we've now got to get some common, solid, understood security baseline industry-wide, otherwise we all get painted with the "ineffective" brush.

---------------------

I have just started to teach a course in computer/information security to people studying for a community college diploma in (physical) security management. They are not computer types but are much more aware of the principles of security than most computer people. Perhaps these are the people to help get computer security out of the bench jockey mode and into the "this is a priority in how we run this organization" mode.

Interestingly, with respect to non standard ports, yesterday I explained that computer ports are somewhat like doors and loading bays in a building. One of the principles of physical security is that you should never allow a door to be unlocked without authorization (either a guard or an authorized person with the key). They were aghast when I explained that some systems let people arbitrarily add new ports to their servers without a security review for the necessity. It would be a firing offence to have someone decide that they could leave a loading dock open all week just so that someone could deliver something next Saturday.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards