Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IPTables Based Firewall Testing - apps

From: larsmith <larsmith () tds net>
Date: 19 Dec 2003 21:54:54 -0500
Alvin Oga stated "if your IDS detects a problem ... its too late .. game
over ... - the cracker is inside .."

For all it matters, I agree and disagree.  We have a "rat trap" sort of
policy which has worked effectively.  So far, no breaches.  We're sports
minded and make sport of seeing how quickly we trip intruders up ... and
who's trip-wire got him/her/it.  While taking security seriously, we
don't lose sleep over it and have found ways to ENJOY implementing
various trip-wires along the way.  We keep score.  We keep the
competition alive amongst ourselves.  That way, we remain students,
forever learning.  Each of us has our respective hot-spots and
methodologies which we are convinced are best and in which we have the
most interest and, good sports that we are, we enjoy bringing what we
continue to learn back to work to implement.

Alvin also wrote "80% of security problems are usually from "management"
and "misguided admin" that hasnt been thru the school of hard knocks yet
and dhcp, wireless and laptops makes the problem 1000x more complex   
even though nobody does "real work" at home on their laptops "(in)secure
home environment" and hotels and internet cafe"

This is Security 101 ... as we all know ... and yet, sadly, we can't get
management to so much as read the syllabus.  Sigh.

And I agree that if it wasn't for script kiddies and "wunna beez",
InfoSec PenTesting would be much more expensive, laborious and
frustrating.

Years ago, I was taught by a wise man that if I wanted to become good at
something ( like chess, tennis, etc. ) that I should always play against
people that were better than me.  When there's no chance of us being
beaten, it ceases to be worth playing and we'll never get any better. 
If anything, we'll become slack and ineffective.  Bring on the
competition !!  And pray that they're GOOD !!

Allan


---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: