Firewall Wizards mailing list archives
Re: The Mathematics of Relative Security
From: John Adams <jna+dated+1096224847.fdd513 () retina net>
Date: Tue, 21 Sep 2004 11:54:06 -0700 (PDT)
On Mon, 20 Sep 2004, Chris Pugrud wrote:
> Set theory and discrete mathematics give us a good foundation to evaluate the risk exposure between groups, but those tools only work with absolutes. A point is either a member of a set, or it isn't. If two networks are airgapped, they are logically and provably separate. If two groups are joined with a "firewall" policy of "permit ip any any" they are logically and obviously joined, with the grouping inheriting the policy and exposure of the weakest member(s). There is nothing to take into account one-way transactions, as TCP permits, other than to wave a wand over distinctive sets. If two sets can initiate communication into the intersection, but the intersection cannot initiate communication out, then the sets can, observably, be shown to be disjoint, outside of the intersection.
>
> All of this noticeably falls apart in the real world, where we have to allow selected ports to cross boundaries with minimal controls.
I also believe that attempting to indicate risk exposure through set theory falls apart in the real world as well. Trust relationships based on port numbers and direction mean nothing when you're running unpatched software that permits anyone to violate that trust. An unpatched server running on port 80 is no safer than the same code running on port 22. Perhaps your method is a good way of visualizing an existing configuration, but not an effective way to determine policy.

-j

--
J. Adams
http://www.retina.net/~jna

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
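The two positions above can be put side by side in a small model: zones as sets joined by directed firewall rules (Pugrud's view), and an attacker-reach computation in which a permitted connection only grants a zone's outbound rights when the service behind it is unpatched (Adams's caveat). This is an added example, not code from either poster; the zone names and rules are constructed.

```python
"""Toy model of the exchange: zones as sets joined by directed firewall rules,
plus the reply's point that an unpatched service voids port-based trust.
Added example; zone names and rules are constructed, not taken from the thread."""
from typing import FrozenSet, Iterable, Set, Tuple

Rule = Tuple[str, str, str]  # (src_zone, dst_zone, port): src may *initiate* to dst on port

# Constructed topology: the Internet may open port 80 to the DMZ, the DMZ
# may open 3306 to the internal net, the internal net may open anything to the DMZ.
RULES: Set[Rule] = {
    ("internet", "dmz", "80"),
    ("dmz", "internal", "3306"),
    ("internal", "dmz", "any"),
}


def initiable_from(rules: Iterable[Rule], zone: str) -> FrozenSet[str]:
    """Zones a host in `zone` may initiate into (direction matters here, the port does not)."""
    return frozenset(dst for src, dst, _ in rules if src == zone)


def same_set(rules: Iterable[Rule], a: str, b: str) -> bool:
    """In the set view, two zones that can initiate to each other behave as one set
    and inherit the exposure of the weaker member."""
    return b in initiable_from(rules, a) and a in initiable_from(rules, b)


def attacker_reach(rules: Iterable[Rule], start: str, unpatched: Set[str]) -> FrozenSet[str]:
    """Zones an attacker controlling `start` can connect to. A reached zone lends its
    own outbound rights only when its exposed service is unpatched, i.e. when a mere
    connection can be turned into control; the permitted port number plays no role."""
    controlled, reached, frontier = {start}, {start}, [start]
    while frontier:
        zone = frontier.pop()
        for dst in initiable_from(rules, zone):
            reached.add(dst)
            if dst in unpatched and dst not in controlled:
                controlled.add(dst)
                frontier.append(dst)
    return frozenset(reached)


if __name__ == "__main__":
    # Patched DMZ: the port-80 rule exposes only the DMZ itself.
    print(sorted(attacker_reach(RULES, "internet", set())))
    # Unpatched DMZ service: the same rule set now exposes the internal net via 3306.
    print(sorted(attacker_reach(RULES, "internet", {"dmz"})))
```

Running it shows that the rule set is identical in both calls; only the patch state of the DMZ service changes which zones the Internet can reach, which is the substance of the reply.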
Current thread:
- The Mathematics of Relative Security Chris Pugrud (Sep 21)
- Re: The Mathematics of Relative Security Crispin Cowan (Sep 21)
- Re: The Mathematics of Relative Security Chris Pugrud (Sep 22)
- Re: The Mathematics of Relative Security Crispin Cowan (Sep 27)
- Re: The Mathematics of Relative Security Mark Tinberg (Sep 27)
- Re: The Mathematics of Relative Security R. DuFresne (Sep 30)
- Re: The Mathematics of Relative Security Chris Pugrud (Sep 22)
- Re: The Mathematics of Relative Security Adam Shostack (Sep 27)
- Re: The Mathematics of Relative Security Crispin Cowan (Sep 21)
- Re: The Mathematics of Relative Security John Adams (Sep 22)