Firewall Wizards mailing list archives

Re: Mis-attribution - Re: How automate firewall tests


From: "Paul Melson" <pmelson () gmail com>
Date: Mon, 13 Nov 2006 11:02:47 -0500

-----Original Message-----
Subject: [fw-wiz] Mis-attribution - Re: How automate firewall tests


That's OK. It doesn't matter whether you do or not. You can choose to 
go around not believing in the laws of physics, either. But that 
doesn't change the fact that "the bigger they come, the harder they hit."

There is no doubt that, given infinite resources, a perfect security
implementation could be created.  

...for time T where T is less than 1 business day.  Then it would need to be
changed.

Man I'm sorry I missed this thread.  I figured out last week that Gmail's
been marking large portions of fw-wiz as spam.  Also sorry I missed you guys
at IANETSEC's event in Lincolnshire last week.

I did a presentation last year on security models and why they're a red
herring.  The audience was a group of developers, so I focused more on
actual models like MAC, TAM, etc. (as opposed to the rebundling of
least-privilege as the "positive security model").  The bottom line was that
I urged the audience to think more about modular design than about models so
that systems are easier to modify to adapt to meet new needs and mitigate
new threats.

And while you can argue the merit of modeling either way - and I don't
believe that access models are worthless, far from it, in fact - you miss
the point by focusing on it.  Marcus likes to say that "the hackers don't
care...," and he's right.  Hackers exploit security outside of the
assumptions of security models*, including least-privilege.

If access models or least-privilege worked, then taking away local admin
rights on workstations would be a huge step towards stopping the spread of
malware.  And using RBAC in your payroll app would prevent data disclosure.
But the problems are that even when these models are followed to their
letter (if not their spirit), they fail to prevent common problems because
malware can survive in unprivileged space and because confidential
information disclosures occur outside of the application.  

My $0.02 on the subject, anyway.

PaulM

* I stole this from Dorothy Denning.  You should read the speech I lifted it
from:
  http://www.cs.georgetown.edu/~denning/infosec/award.html
