April 11th, 2005, 11:13 AM
#1
7 Myths of Network Security
Found this tonight... thought it would be a good base for discussion.
7 Myths about Network Security
So this evening I was doing the dew and catching up on some reading when I came across an interesting article on Security Pipeline about the "7 Myths of Network Security". It is well worth the read. In summary, the article breaks down the 7 Myths as:
1. Myth: Encryption guarantees protection
2. Myth: Firewalls will make you bulletproof
3. Myth: Hackers ignore old software
4. Myth: Macs are safe
5. Myth: Security tools and software patches make everybody safer
6. Myth: As long as your corporate network is unbreached, hackers can't hurt you
7. Myth: If you work for a security enterprise, your data is safe.
#5 has me thinking
Full article: http://www.securitypipeline.com/show...0401820&pgno=1
There you go, have a read... and discuss.
"Consumer technology now exceeds the average person's ability to comprehend how to use it... give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
-
April 11th, 2005, 11:33 AM
#2
If security software patches don't make you safer then why would they distribute them?
Obviously nothing makes you impenetrable, but patching helps.
-
April 11th, 2005, 11:58 AM
#3
"8. Myth: So long as the box is updated, patched and secured, end-user knowledge of security is irrelevant. "
bah - or just a myth *I* must refute on a day-to-day basis, anyway...
-Wiski C.
-
April 11th, 2005, 12:15 PM
#4
I wonder if #5 refers to a false sense of security. Just because you patch doesn't mean you're 100% safe. There have been Microsoft patches and Linux kernel fixes (e.g., ptrace exploits) where the patch worked but the attackers figured out new ways around the patch. This might be partially why MS made the statement that exploits are only created after the patch is released.
-
April 11th, 2005, 12:18 PM
#5
Maybe they meant they don't make you safer because there is always another way in. Still, though, they do make you safer.
-
April 11th, 2005, 12:25 PM
#6
"If security software patches don't make you safer then why would they distribute them?"
A coder reverse engineering a patch to create a workaround... in other words, looking for a hole in the patch.
I think wiskic10_4 covers it with this reply:
"8. Myth: So long as the box is updated, patched and secured, end-user knowledge of security is irrelevant."
The weakest link in any system is the end user... perhaps that should be Myth #9.
The weakest link is our assuming that the end user has intelligence... perhaps I am harsh.
In a business environment the first weak link is insufficient training: the assumption that computer literate means knowing the difference between an executable and an image file, that *.PIF and *.SCR are files that could be harmful. (Don't get me on the subject of trainers... ****ing ****, some of these don't know the difference between an operating system and an application; what hope is there for correct information on security? And the lessons are taught as "this is it, all you need to know".)
Follow this with poor policy and even poorer enforcement...
Then we get down to the systems themselves.
"Consumer technology now exceeds the average person's ability to comprehend how to use it... give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
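The post above makes the point that users are not taught that a *.PIF or *.SCR attachment is an executable, and that Windows hides "known" extensions, so "holiday.jpg.scr" shows up as "holiday.jpg". The following is an added example, not code from the thread or from any poster, of the kind of attachment-name check a mail gateway or helpdesk script can apply so the decision does not rest on the user. The extension lists and the sample filenames are assumptions constructed for the example; only .pif and .scr come from the post.

```python
import os
from typing import Dict, List, Tuple

# Extensions Windows runs on double-click. .pif and .scr are the two the post
# mentions; the rest are additional well-known executable/script types
# (assumed list for this example, extend to match your environment).
EXECUTABLE_EXTENSIONS = {
    ".exe", ".com", ".bat", ".cmd", ".pif", ".scr",
    ".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh", ".hta", ".lnk", ".msi",
}

# Extensions users read as "just a picture/document" (assumed list).
DOCUMENT_LIKE_EXTENSIONS = {".jpg", ".jpeg", ".gif", ".png", ".txt", ".doc", ".pdf"}


def classify_attachment(name: str) -> Tuple[str, str]:
    """Return (verdict, reason) for an attachment filename.

    verdict is "block", "warn" or "allow". Only the real, last extension
    decides what Windows executes; anything before it is decoration that
    the "Hide extensions for known file types" setting hides from the user.
    """
    # Trailing spaces/dots are a common trick to push the real extension
    # out of view in a mail client ("photo.jpg        .scr"); strip them
    # so the last extension is what we evaluate.
    cleaned = name.strip().rstrip(". ")
    stem, ext = os.path.splitext(cleaned)
    ext = ext.lower()

    if ext in EXECUTABLE_EXTENSIONS:
        # Look one level deeper for a disguise such as "holiday.jpg.scr".
        _, inner = os.path.splitext(stem.rstrip(". "))
        inner = inner.lower()
        if inner in DOCUMENT_LIKE_EXTENSIONS:
            return "block", f"executable {ext} disguised as {inner} file"
        return "block", f"executable extension {ext}"

    if ext in DOCUMENT_LIKE_EXTENSIONS:
        return "allow", f"document-like extension {ext}"

    # Unknown types are not automatically safe; let a human decide.
    return "warn", f"unknown extension {ext or '(none)'}"


# Constructed sample attachment names (not real mail data).
SAMPLE_ATTACHMENTS: List[str] = [
    "invoice.pif",
    "holiday.jpg.scr",
    "photo.jpg        .scr",
    "report.pdf",
    "notes.xyz",
    "README",
]


def classify_samples() -> Dict[str, Tuple[str, str]]:
    """Classify every constructed sample and return name -> (verdict, reason)."""
    return {name: classify_attachment(name) for name in SAMPLE_ATTACHMENTS}


if __name__ == "__main__":
    for name, (verdict, reason) in classify_samples().items():
        print(f"{verdict:5s}  {name!r:28s}  {reason}")
```

The check is deliberately name-based only: it catches the two cases the post describes (a bare executable extension the user does not recognise, and an executable hidden behind a familiar-looking inner extension). It does not inspect file contents, so it should sit beside, not replace, the AV scanning and patching the thread discusses.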
-
April 11th, 2005, 01:20 PM
#7
I think #5 refers to the fact that just because a patch is released, doesn't mean everyone has it applied. In a lot of cases there would be little to no exploit code released if the patch/exploit was never released at all. There would be a large hole, but no one would know it was there.
-
April 11th, 2005, 02:23 PM
#8
Everything with security is constant vigilance. There is no, and probably never will be, an install-and-forget method. Everything should be checked: log files, AV updates, OS patches. Admin policies and procedures should be double-checked. The end users' normal day-to-day practices should be checked and, if needed, they should be informed why a certain activity is not acceptable in the office.
Nice article. Thanks for the link.
~Halv
-
April 11th, 2005, 02:30 PM
#9
Since you pointed to #5, that is what I will address, but I did not think the article referenced was well written or well thought out.
Myth #5: Security tools and software patches make everybody safer
Incorrect and naive, no, stupid statement. Of course they make everybody safer; the question is to what extent.
Just because security tools can be used by hackers does not mean they are not used to tighten security by those that give a damn. Hackers can use them to exploit systems managed by the sick, lame, and lazy, granted. But they can also be used to tighten systems, even systems that the average user (those who I imagine the article was written for) doesn't even know affect their system(s).
And just because someone can reverse engineer a patch does not mean they are going to find another exploit; it means they can find the one the patch fixed. So if the exploit wasn't released they may be able to find a way to exploit un-patched systems. If it was released, they do not need to reverse engineer it from the patch.
But if (yeah, right) people patched properly it won't make a difference, it will help "everybody", especially if the upgrades are for things like DNS servers *** time stamp here ***... anyone remember the advisories to update to the latest version of BIND? Recent DNS cache poisoning come to mind here? (Also has to do with Myth #3.)
Perhaps it could have been worded better.
Security tools and software patches prevent exploits
Just my thoughts.
" And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
-
April 11th, 2005, 02:45 PM
#10
"Security tools and software patches prevent exploits"
No they don't. They only prevent exploitation of existing and known vulnerabilities. I still view it as a false sense of security, almost like those firewalls that claim to be 100% hacker-proof. Load of crap. Too much FUDing is a bad thing, as is too much blind faith in patches being the be-all-end-all solution. Patches have been known to make things worse (some open up old holes inadvertently or create new paths to those holes). IMO the statement should be:
Security tools and software patches may prevent exploitation of your system. But you should double check everything regularly to be sure.
Maybe I'm too paranoid.