Security Basics mailing list archives
RE: About War Driving ..
From: "David Gillett" <gillettdavid () fhda edu>
Date: Tue, 12 Dec 2006 12:01:11 -0800
Eric didn't say *layered defence* was painting the door blue and moving it around the side. He said that Ansgar's view of the measures which FatalSaint offered -- and which FatalSaint *called* "layered defence" (calling it doesn't necessarily make it so!) -- were like painting and moving the door. Layered defence is an important and valuable concept. But to be useful, the individual layers need to actually constitute defences, and Ansgar and Eric are saying that FatalSaint's suggestions don't really measure up to that requirement. If FatalSaint had suggested measures analogous to a guard and bars and a dog, I don't think anyone would have argued. The question then is: What measures are available to the admin of a wireless network that are more analogous to these sorts of physical measures than the suggestions that were offered? (All of my authorized wireless points are behind firewalls that filter traffic and log activity, and the new one can triangulate client location as well. But that's probably out of the original poster's budget range.) David Gillett
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Francois Yang Sent: Tuesday, December 12, 2006 9:36 AM To: Eric Furman Cc: security-basics () securityfocus com Subject: Re: About War Driving .. I actually disagree with this analogy. layered defense in this scenario would be; add a security guard to the front door, add bars to the windows and add a watch dog inside the house. So the entry points are the same they didn't move, you just added some extra security to these entry points. So now if someone wanted to get in the house, they would have to get past the security guard before reaching the door, or get past the bars on the windows before getting to the windows, and once they get past those, hopefully the guard dog would catch him/her. On 12/9/06, Eric Furman <ericfurman () fastmail net> wrote:On 8 Dec 2006 14:28:21 -0000, krymson () gmail com said:Ansgar -59cobalt- Wiechers and FatalSaint: Just want to say I'd watched this thread and I wanted to quickly point out something I felt was kind of a poignant thingin our field.You both have good points and, in my mind, you both have rather correct approaches. One of you believes that a layereddefense withmultiple hurdles will slow down attackers and stop a lot of non-savvy attackers, and the other prefers to shoot for the highly-skilled attacker and focus his efforts. I believe both approaches are just fine, and just depends on the people, business/network, and needs.I disagree. ;-) I do agree with layered defenses, if they're real. Ansgar -59cobalt- Wiechers objects to FatalSaint's securitymeasuresbecause they amount to the following analogy; I want tokeep burglarsout of my house. Everyone knows that the entrance to housesis in thefront and all doors are painted red. To increase my security I am going to move the entrance to the side and I am going to paint my door blue. Yes, to the casual person, walking by, this will work, but not to any determinedattacker. All Ihave really done is make thing more inconvenient for me,the resident.Do not push this analogy to far, but it is essentiallycorrect. IMHO.--------------------------------------------------------------------------- This list is sponsored by: ByteCrusher Detect Malicious Web Content and Exploits in Real-Time. Anti-Virus engines can't detect unknown or new threats. LinkScanner can. Web surfing just became a whole lot safer.http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect----------------------------------------------------------------------------------------------------------------------------------------- ------------- This list is sponsored by: ByteCrusher Detect Malicious Web Content and Exploits in Real-Time. Anti-Virus engines can't detect unknown or new threats. LinkScanner can. Web surfing just became a whole lot safer. http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=s fmaildetect -------------------------------------------------------------- -------------
--------------------------------------------------------------------------- This list is sponsored by: ByteCrusher Detect Malicious Web Content and Exploits in Real-Time. Anti-Virus engines can't detect unknown or new threats. LinkScanner can. Web surfing just became a whole lot safer. http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect ---------------------------------------------------------------------------
Current thread:
- Re: About War Driving .., (continued)
- Re: About War Driving .. Paul daSilva (Dec 04)
- Re: Re: About War Driving .. giles (Dec 04)
- RE: About War Driving .. Dan Bogda (Dec 04)
- Re: Re: About War Driving .. anone (Dec 04)
- RE: Re[2]: About War Driving .. Paul Stone (Dec 07)
- RE: Re[2]: About War Driving .. David Gillett (Dec 08)
- RE: Re[2]: About War Driving .. Murda Mcloud (Dec 08)
- Re: About War Driving .. krymson (Dec 08)
- Re: About War Driving .. Eric Furman (Dec 12)
- Re: About War Driving .. Francois Yang (Dec 12)
- RE: About War Driving .. David Gillett (Dec 12)
- Blue Lane PatchPoint Mark Brunner (Dec 13)
- Re: About War Driving .. Layne FInk (Dec 13)
- Re: About War Driving .. Eric Furman (Dec 12)
- Re: About War Driving .. Ansgar -59cobalt- Wiechers (Dec 14)