Full Disclosure mailing list archives
RE: [PHC] Sermon #2: Security Industry
From: Gregory Kornblum <GKornblum () guesswho com>
Date: Sat, 23 Nov 2002 04:04:00 -0500
As a self-confessed black hat, in your ideal world, how would you help me stay secure and prevent all the attacks that bludgeon my network? This is a legitimate question, and I would appreciate a legitimate answer, rather than the usual blather that has dominated this list. And I'm not hiding my name either.
No I am not a blackhat. However I am a believer in project mayhem. If that classifies me so be it. The current state of security is sickening. What I am is a simple software engineer that does my part to protect what is close to me. However God gave me a voice and I see these profiteering gluttons trying to hide the real truth behind project mayhem. As I think the members of it do to an extent also. See not only do eyes need to be opened in the security industry but in the IT industry as a whole. See no network is 100% secure ever. However with the right combination of tools you can see every little detail that is occurring in your network and a human eye can do allot better than some ISS algorithm. For the most part you don't have to be an expert to monitor those tools and kill off anything uncertain. That can be done with a flurry of free tools and 3 8 hour shifts at no more than $15 USD an hour. Which comes to a total of say $50000 USD on server equipment and $131400 a year in human resources. No your network will be broken into but when it happens they wont be there long enough to do any damage. That is my philosophy and I know there is even how-to's out there on that kind of monitoring. However you might hear it and not feel the same. Others probably won't even hear it at all. But there is a better way and I would like to see it happen and soon. Home computers are getting hit now because of this insanity disclosure has created. That's just plain stupid and needs to stop. Regards! Gregory Kornblum Software Engineer greg () guesswho com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- [PHC] Sermon #2: Security Industry phc (Nov 20)
- <Possible follow-ups>
- RE: [PHC] Sermon #2: Security Industry auto473306 (Nov 21)
- RE: RE: [PHC] Sermon #2: Security Industry Gregory Kornblum (Nov 22)
- RE: RE: [PHC] Sermon #2: Security Industry Schmehl, Paul L (Nov 22)
- Re: RE: [PHC] Sermon #2: Security Industry outraged (Nov 22)
- RE: [PHC] Sermon #2: Security Industry Gregory Kornblum (Nov 23)