whats more challenging?

View Poll Results: Which of these items are of the highest priority for your organization?

Voters
3. You may not vote on this poll
  • Alternative to Secure ID -VPN Offering

    0 0%
  • User Authentication

    1 33.33%
  • Biometrics

    2 66.67%
  • Remote Web Access

    0 0%
  • Automatic Password Generation

    0 0%
Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: whats more challenging?

  1. #1
    Banned
    Join Date
    Apr 2002
    Posts
    149

    whats more challenging?

    being a [glowpurple]hacker[/glowpurple] or being the [gloworange]security[/gloworange] ?


    my feeling is being the hacker because the security should already know all of the ins and outs of their systems.

  2. #2
    Old Fart
    Join Date
    Jun 2002
    Posts
    1,658
    I call it even....security and hacking is kinda like a chess game, IMHO.
    Al
    It isn't paranoia when you KNOW they're out to get you...

  3. #3
    Gray Haired Old Fart aeallison's Avatar
    Join Date
    Jul 2002
    Location
    Buffalo, Missouri USA
    Posts
    888

    Thumbs up Nice topic...

    I have to agree with Bob, I think the hacker has to stay in tune with his coding and study in order to maintain a certain edge on security, as security might be a bit more stressful ( waiting for the hacker to find another hole to exploit ) Of course security would rather see a hacker than a determined cracker. Cool thread Bob, lets see how this one goes.
    I have a question; are you the bug, or the windshield?

  4. #4
    I have to say the sys admin has a rougher time than the cracker because the cracker is always one step ahead of the game. Virii come before the virus definition, a patch is released after the exploit is found, you get the picture.

  5. #5
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    Well Bob don't know why your angry but software is not set it sort of mutates. Yeah hackers have an advantage why? Cause sys Admn is not only dealing with server issues but also software license compliance and EULA's, end users and some most lame. Throw into that they have a home life like a girl friend, wife and maybe kids. Yeah hackers have it over me is an 8 hr job, but then hackers spend days finding a flaw have no life and give me the info for free. Me hackers now days work damn hard but not to smart, me I like working smart but not hard. After all I don't spent countless hours for bragging rights..me well auto depost works just fine
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

  6. #6
    Banned
    Join Date
    Sep 2001
    Posts
    522
    The admin just has to know his own system and keep up with updates and such. The Hacker has to study alot of different kinds of systems, and code different exploits and such to break in. I say the hacker has alot more work then the admin does.

  7. #7
    Purveyor of Lather Syini666's Avatar
    Join Date
    Aug 2001
    Posts
    553
    Id have to say security would be harder, cause you have to defend your system from all threats, both internal and external. A hacker would be looking for holes in a single sytem. Though a good security person should try to find the holes before someone malicious does.
    You're not your post count, You're not your avatar or sig, You're not how fast your internet connection is, You are not your processor, hard drive, or graphics card. You're the all-singing, all-dancing crap of AO
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

  8. #8
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    Security is all about not only knowing what is out here as far as exploits but in also understanding the nature of the hacker. Most modern day firewalls will take care of most budding hackers, and they have now to figure out if the easy target is well just open or a honey pot...BBBBZZzzzzzzzzz little bees they are. Hackers may yes find a flaw but a cracker or script kidde simply uses their published work often times for criminal means or bragging rights. Not often you find a hacker that uses an exploit in another system, only upon their test systems. Advantage is Security wise you have to understand the impact of the exploit on your network. Crackers may just read about it and run all of their latest tool kits not even knowing what OS they are breaking into and well when they find out have to do more homework.
    Advantage is Security given the fact that most Sys Admin if the system has a full time one is on top as much info as any cracker.
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

  9. #9
    Senior Member
    Join Date
    Jun 2002
    Posts
    165
    attackers have clear advantages in my opinion.

    sec admins have limitations of:
    1) finances (you wanted checkpoint and you got brand x which doesn't include an enterprise management module for the 8 firewalls that are deployed)

    2) time (don't go over 40 hours...and why is it taking you so long to update the firewall policies?)

    3) numbers (one to ten of the guys/gals in white vs. an undeterminable number of possible attackers)

    4) general practice (policies and procedures that require all of the above, and in immediate need in an after the fact approach - all of the documentation a hacker will do has already been done.)

    5) ethics (he/she's probably willing to do something admins won't)

    6) planning (alluded to in 4: a specific game plan has already been set before the first real attack - defensive planning is generalized and lacks focus on the situation at hand)

    7) distractions (coke cans, coffee mugs, cigarette trays, pizza boxes - the bad guys don't plan on leaving or haven't had a history of doing so - vs. patch distributions, email filtering/virus updates, log and alert review, illegal usage statistics/reports, expansion plans)


    and none of these are the faults of the administrators - it's just the typicall environment they fall into in the corporate security realm.
    -droby10

  10. #10
    Gray Haired Old Fart aeallison's Avatar
    Join Date
    Jul 2002
    Location
    Buffalo, Missouri USA
    Posts
    888

    Question

    Hi droby10,
    Good point, and I can definately agree with you an the security procerdures you have listed. Just for gags lets look at the hackers POV.

    1. finances ( You wanted that new mobo you saw while surfing only to find that its twice
    what you expected, so instead of the mobo you buy the new shoot-em-up and sluff off
    for a week trying to beat the boss )

    2. time ( Whats that? Oh...you mean 18 to 20 hours a day? )

    3. numbers ( I am just one dude against a thousand or more companies that need to be
    taught that their security has holes and potential hazards they need to address
    immediatly )

    4. general practice (policies and procedures that require all of the above, a swift and
    properly timed sweep, bot deployment, and data collection. )

    5. ethics ( I know that this might p*ss him off but here goes, hope he don't have an anurism
    or something trying to figure out how to plug this new hole I just found. )

    6. planning ( Da**! This admin has his sh*t together, Where did I put that utility I just
    downloaded yesterday? or was it last week? )

    7. distractions ( Kids running around the house, screaming and putting dirt in their little
    sisters pants, Mrs. Smith down the street is needing you to show her that when the
    mouse gets to the bottom of the pad , but the cursor is in the middle of the screen that
    its not defective hardware... )

    None of these are the fault of the hacker - its just how it is man -- Sh*t Happens!


    I will probably get negged for this post. But this Just kinda came to me and I couldn't help see the humor in it...don't take offense droby10, please, I am half asleep and just funnin.
    I have a question; are you the bug, or the windshield?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •