PaulDotCom mailing list archives
Re: What say you!?
From: Ron Gula <rgula () tenable com>
Date: Tue, 05 Jul 2011 09:08:00 -0400
On 7/2/2011 11:41 AM, Michael Lubinski wrote:
Read: http://blog.zeltser.com/post/6479619232/protean-information-security-architecture Knowing this list has a significant amount of pen testers and such, what say you?
I really like the emotion behind this concept, but don't like this for practical reasons. It really seems like this is a "get secure quick" gimmick such as loosing weight where patch management & log monitoring is akin to diet and exercise. I don't mind at all having fake targets on the inside of your network, but the idea of constantly reconfiguring the data structures and servers as a method to thwart pen testers is no substitute for patching, tight inbound/outbound ACLs, network monitoring and log analysis. Having some realistic target honeypot targets is a great indicator, but no guarantee that your domain controller didn't just get owned. -- Ron Gula, CEO Tenable Network Security http://www.tenable.com _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- What say you!? Michael Lubinski (Jul 03)
- Re: What say you!? Ron Gula (Jul 05)
- Re: What say you!? Mike Patterson (Jul 05)
- Re: What say you!? Brian Erdelyi (Jul 05)
- Re: What say you!? John Strand (Jul 05)
- Re: What say you!? Mike Patterson (Jul 05)
- Re: What say you!? John Strand (Jul 05)
- Re: What say you!? Michael Lubinski (Jul 05)
- Re: What say you!? Butturini, Russell (Jul 05)
- Re: What say you!? Michael Lubinski (Jul 05)
- Re: What say you!? Mike Patterson (Jul 05)
- Re: What say you!? Ron Gula (Jul 05)