Thread: 7 Myths of Network Security

  1. #11
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    Perhaps it could have been worded better.

    Security tools and software patches prevent exploits

    Just my thoughts
    Security tools and software patches -WHEN APPLIED- prevent -THE USE- of exploits.


    Like zengger said, patches just publicly announce the exploit. If an admin doesn't patch the hole then all the patch release is doing is advertising an opening. This of course all falls back to the replies about lack of user security practices.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  2. #12
    In And Above Man Black Cluster's Avatar
    Join Date
    Feb 2005
    Posts
    912
    Myth #5: Security tools and software patches make everybody safer
    I think that this statement is relatively true. Security tools and patches are published in order to prevent black hats from exploiting them. They will find another way to break into systems though. This circulation won't stop, it is the war between the good and the evil.

    Why this statement is really rational?? Because many vulnerabilities have been patched after exploiting them over real companies... Black Hats won't work hard and then tell vendors and OEMs about this vulnerability. Am I right here? They will take the most out of it {Until they know about this vulnerability}. What would prevent them from accessing your data after finding new vulnerability and apply it on your system... This statement can't be more accurate than here.... Here I am not encouraging people not to patch their systems, no. But rather saying truth... Who imagined that one day Yahoo!, CNN, Amazon would stop serving people because of DoS attack??? It is just about finding new ways into things...

    We have to keep our systems updated and patched, we have to linger bad people and make things harder for them....

    Just my $0.02

    Cheers
    "The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts".....Spaf
    Every time I learn a new thing, I discover how ignorant I am.- ... Black Cluster

  3. #13
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    What I said was, perhaps that Myth #5 should have been reworded to
    Security tools and software patches prevent exploits
    Again, these are Myths.

    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

  4. #14
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    No they don't. They only prevent exploitation of existing and known vulnerabilities.
    Tsk, tsk. I'm very surprised MsMitts. Your statement is false. HPING, a security tool that I use all the time to document unknown vulnerabilities is one example of a security tool used to find unknown vulnerabilities. This is one example of many...

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  5. #15
    Frustrated Mad Scientist
    Join Date
    Dec 2004
    Posts
    1,152
    This article on SecurityFocus expands a bit on myth #4 in particular.

    http://www.securityfocus.com/columnists/313

  6. #16
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Tools can also be used to detect changes in normal patterns to alert of a possibility of an unknown issue. For example, a 100 percent increase in normal email traffic. An overload of NEW file shares. Etc...
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  7. #17
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Your statement is false. HPING, a security tool that I use all the time to document unknown vulnerabilities is one example of a security tool used to find unknown vulnerabilities.
    I was thinking of the scanning tools specifically. Mea culpa
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  8. #18
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    We'll let you slide just this once.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  9. #19
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    I don't like where he seems to be going with #5, about patches not making
    you safer. His argument seems to be that the bad guys will "reverse engineer"
    the patch in order to "discover" the vulnerability it was written to fix.
    HELLO! The vulnerability already exists and you must presume that if they don't
    already know it on their own, they will figure it out soon enough. This is more "security by obscurity"
    reasoning. Since the patch can't be distributed secretly, your choice is to distribute
    it publicly, risking that someone (horrors!) will study it, or not at all.
    Just ignore those holes and maybe they'll go away.
    I came in to the world with nothing. I still have most of it.

  10. #20
    Originally posted here by rcgreen
    I don't like where he seems to be going with #5, about patches not making
    you safer. His argument seems to be that the bad guys will "reverse engineer"
    the patch in order to "discover" the vulnerability it was written to fix.

    I think the article was suggesting that the black hats will/can study the patch to see if it truly fixes what it is supposed to (not all patches work as intended) and also to see if it opens up any new holes in the OS.

    ~Halv
