Re: New presentation is up: 0days: How hacking reallyworks

[robert () dyadsecurity com]

Maynor, David (ISS Atlanta)(dmaynor () iss net)@Tue, Feb 01, 2005 at
> A correctly designed network should be able to withstand one or two
> 0day in major applications and still stay useful. If your
> infrastructure can be brought down by a single bug then you should
> look long and hard at its design. 

When the technology enforcing the security policy has no true
enforcement or auditing of privilege transitions, modeling the
effectiveness of a containment measure is not possible.

The technology in use by most today simply fails in the presence of
malice.  I do not currently know of a way to deliver this "correctly
designed network that is capable of withstanding 0days" without using
technology like Mandatory Access Controls, Domain and Type Enforcement,
Network Labels, etc.  How many corporate networks have you audited that
are using that technology.  I haven't seen many.

Most networks are like cheap women; they will gladly let you have their
way with them, especially if you hook them up with a couple of shots (or
0days... hey I hear it worked for Dave! :P).

Robert

-- 
Robert E. Lee
CTO, Dyad Security, Inc.
W - http://www.dyadsecurity.com
E - robert () dyadsecurity com
M - (949) 394-2033
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave