Re: "It's ok we're behind a firewall"

[Gene Yoo <gyoo () attbi com>]

Duane H. Hesser wrote:
> On 19-Feb-2003 John Brightwell wrote:
>
> > Are there any sites out there with the facts and
> > figures about internal exploits and cautionary tales
> > about disgruntled employees or IT savvy nighttime cleaners?
>
>
> It's hard to find such information, since companies are reluctant
> to make it public.  Here are a couple of links which might be
> useful:
>
> http://www.gocsi.com/press/20020407.html
>
> This is a press release by the "Computer Security Institute"
> which contains a few interesting statistics, and from the page
> you can request a free copy of their "2002 Computer Crime and
> Security Survey", which includes some information about percent
> of surveyed attacks from "inside".
>
> You might also check out the HoneyPot Project, at
>
> http://project.honeynet.org/
>
> They provide a number of "Know Your Enemy..." papers, including
> "Know Your Enemy: Statistics"
>
> http://project.honeynet.org/papers/stats/
>
> which may offer some insight into the problems a firewall might
> have to face, in terms of what the "blackhat" community may
> throw at it.
>
> My view: firewalls are necessary but not sufficient (unless you
> really *enjoy* forensic analysis).

i'm not sure about internal exploits, but these sites are a good place 
to start:

dshield.org
incidents.org
cert.org
sans.org

--
<<gyoo [at] attbi [dot] com>>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)

iQCUAwUBPhxERRxoVYCzmrKXAQJK5gP3Y7CTsFyKpEz2p5W4GWI9+qSm+kWfdJ0R
xNlma0Ma9rAL/OBJcZMo5IXyXas+3Edogbv4Al6dIf8lot1WS0Iaxxl/cg2f7gf+
otf7LfNpZDE/6OzR7A1qN6baPMLSjGzywwQWMfSVuWWb6kGQxMsA13Kn68G7Ozxs
5CODZqUPyg==
=AolA
-----END PGP SIGNATURE-----