Security Basics mailing list archives

RE: About War Driving ..

From: "David Gillett" <gillettdavid () fhda edu>
Date: Tue, 12 Dec 2006 12:01:11 -0800

  Eric didn't say *layered defence* was painting the door blue and
moving it around the side.  He said that Ansgar's view of the
measures which FatalSaint offered -- and which FatalSaint *called*
"layered defence" (calling it doesn't necessarily make it so!) --
were like painting and moving the door.

  Layered defence is an important and valuable concept.  But to be
useful, the individual layers need to actually constitute defences,
and Ansgar and Eric are saying that FatalSaint's suggestions don't
really measure up to that requirement. 

  If FatalSaint had suggested measures analogous to a guard and bars
and a dog, I don't think anyone would have argued.  The question then
is:  What measures are available to the admin of a wireless network
that are more analogous to these sorts of physical measures than the
suggestions that were offered?  (All of my authorized wireless points
are behind firewalls that filter traffic and log activity, and the
new one can triangulate client location as well.  But that's probably
out of the original poster's budget range.)

David Gillett

-----Original Message-----
From: listbounce () securityfocus com 
[mailto:listbounce () securityfocus com] On Behalf Of Francois Yang
Sent: Tuesday, December 12, 2006 9:36 AM
To: Eric Furman
Cc: security-basics () securityfocus com
Subject: Re: About War Driving ..

I actually disagree with this analogy.
layered defense in this scenario would be; add a security 
guard to the front door, add bars to the windows and add a 
watch dog inside the house.
So the entry points are the same they didn't move, you just 
added some extra security to these entry points. So now if 
someone wanted to get in the house, they would have to get 
past the security guard before reaching the door, or get past 
the bars on the windows before getting to the windows, and 
once they get past those, hopefully the guard dog would catch him/her.

On 12/9/06, Eric Furman <ericfurman () fastmail net> wrote:

On 8 Dec 2006 14:28:21 -0000, krymson () gmail com said:

Ansgar -59cobalt- Wiechers and
FatalSaint:

Just want to say I'd watched this thread and I wanted to quickly 
point out something I felt was kind of a poignant thing

in our field.


You both have good points and, in my mind, you both have rather 
correct approaches. One of you believes that a layered

defense with

multiple hurdles will slow down attackers and stop a lot of 
non-savvy attackers, and the other prefers to shoot for the 
highly-skilled attacker and focus his efforts.

I believe both approaches are just fine, and just depends on the 
people, business/network, and needs.


I disagree. ;-) I do agree with layered defenses, if they're real.
Ansgar -59cobalt- Wiechers objects to FatalSaint's security

measures

because they amount to the following analogy; I want to

keep burglars

out of my house. Everyone knows that the entrance to houses

is in the

front and all doors are painted red.
To increase my security I am going to move the entrance to the side 
and I am going to paint my door blue. Yes, to the casual person, 
walking by, this will work, but not to any determined

attacker. All I

have really done is make thing more inconvenient for me,

the resident.

Do not push this analogy to far, but it is essentially

correct. IMHO.

----------------------------------------------------------------------

----- This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildet

ect

----------------------------------------------------------------------

-----


--------------------------------------------------------------
-------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=s
fmaildetect
--------------------------------------------------------------
-------------



---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------

Current thread:

Re: About War Driving .., (continued)
- Re: About War Driving .. Paul daSilva (Dec 04)
- Re: Re: About War Driving .. giles (Dec 04)
- RE: About War Driving .. Dan Bogda (Dec 04)
- Re: Re: About War Driving .. anone (Dec 04)
- RE: Re[2]: About War Driving .. Paul Stone (Dec 07)
  - RE: Re[2]: About War Driving .. David Gillett (Dec 08)
  - RE: Re[2]: About War Driving .. Murda Mcloud (Dec 08)
- Re: About War Driving .. krymson (Dec 08)
  - Re: About War Driving .. Eric Furman (Dec 12)
    - Re: About War Driving .. Francois Yang (Dec 12)
    - RE: About War Driving .. David Gillett (Dec 12)
    - Blue Lane PatchPoint Mark Brunner (Dec 13)
    - Re: About War Driving .. Layne FInk (Dec 13)
- RE: About War Driving .. Erick Jensen (Dec 13)
  - Re: About War Driving .. Ansgar -59cobalt- Wiechers (Dec 14)