Government Security
Network Security Resources

Most Critical Part Of Security


58 replies to this topic

Poll: What's the most critical component in security?


#1 beardednose

Posted 27 April 2005 - 12:48 PM

I just had a shouting match with a respected security guy over this lately after a seminar. Wondering what you think....
Don't post just a THANKS! Here's why...

Forum Rules you need to know...RuLeS

#2 as0l0

Posted 27 April 2005 - 01:57 PM

Will you tell us which side each of you were on?

#3 Travis

Posted 27 April 2005 - 05:12 PM

People, most definitely. You could have the world's greatest firewall, IDS/IPS etc. etc. in place, and all it takes is one disgruntled employee to kick the server.

#4 whiskah

Posted 27 April 2005 - 05:19 PM

People, most definitely. You could have the world's greatest firewall, IDS/IPS etc. etc. in place, and all it takes is one disgruntled employee to kick the server.

u might have educated your people but what if ur policies, best practices, procedures ain't up to the mark..

i guess it has to be both people and process..

#5 tibbar

Posted 27 April 2005 - 06:48 PM

I think technology can go a long way to stop problems. If you lock the system down tightly, even Mr. Disgruntled should be unable to cause harm.
If you want to read more about my security research, visit Tibbar.org

#6 bonarez

Posted 27 April 2005 - 07:30 PM

If you were to ask which was the most vulnerable > people, because it is the one thing you can't control.
"Ask the right question and you will receive the right answer. I'm just very sensitive about the right syntax"

Read the rules before you post

#7 nuorder

Posted 27 April 2005 - 08:50 PM

I'd say the people are the MOST critical because you can render a secure OS useless with an incompetent admin.

And if you have an insecure OS, a competent admin would be able to implement temporary fixes or apply patches to secure it.

#8 MsMittens

Posted 27 April 2005 - 09:03 PM

To me, it's people. You can create the procedures and processes and you can install the tech, but if there isn't a "culture of security" (my nifty little term for it), where people accept it, abide by it and actually improve on it, then all those procedures, processes and technology are useless.

We know that tech can't stop a social engineer nor can some procedures/processes. Educating people to understand risks, threats, etc. can go a long way for the simplest of attacks.

Additionally, keeping an open mind as to the kinds of attack vectors is important. 10 years ago (*GAH* I've been online THAT long?!!?) spyware, e-mail e-commerce phishing and worms that we see today would have never been conceived of or imagined. What will be attack vectors of tomorrow? Who knows. But keeping open about it and, even if it sounds impossible now, keep watching for it.

#9 belgther

Posted 27 April 2005 - 09:57 PM

People are the biggest reason for security glitches. Because technology and processes are made by people, too, with their flaws...
"The wisest one is the one who knows himself/herself." Quote of the life
belgther... aka... belgther

#10 White Scorpion

Posted 27 April 2005 - 10:00 PM

definitely people. people can f*ck up just about every system, no matter how secure it is.

also people are the creators of processes and tech so it is always people. a computer can't make a mistake, a person can (and will).
The path of access leads to the server of wisdom..

The Syringe - My Latest Project.
Errors, Vulnerabilities & Exploits explained.
----
www.white-scorpion.nl
www.info-sec.eu
www.info-sec.info

#11 beardednose

Posted 27 April 2005 - 11:19 PM

Once the responses slow down, I'll share the two sides of the debate. I don't want to influence anyone's opinion (just yet).

#12 s3ntinel

Posted 27 April 2005 - 11:51 PM

People, definitely. Technology can only stop what is known about; process is only useful if people adhere to it.

You will always find someone who will open a zip file attached to an email from someone they've never heard of with a content that makes little sense :angry: . When asked, they will invariably say that they wouldn't do it at home, but they thought they'd be safe :unsure: . This makes NIDS and AV pointless.

BTW, I reckon that the future of security breaches will be a spam email sent to an entire company's email address space containing an exploit that'll download a trojan containing a keylogger. The trojan will then log all keypresses when the current user name appears in the browser etc and then upload it via HTTPS to a compromised site. NIDS can't touch it unless you have an SSL proxy, AV won't detect it if you use a keylogger with a "Legitimate commercial purpose" and you'll have the keys to the kingdom!

What process or technology will stop that? None, only education will mitigate against the threat. B)

#13 da_cash

Posted 28 April 2005 - 01:22 AM

In my opinion, the most common reason for security breaches is lazy, curious or not properly educated people...

People use easily guessable passwords, open dangerous files in emails without checking them first..

for example just create a page which contains the words "DO NOT ENTER HERE"
and you'll be surprised how many pplz will go there

#14 Pazort

Posted 28 April 2005 - 02:29 AM

It cannot be disputed that ALL of these are essential to creating a secure environment, but the most important would certainly be people.

Technology can go a long way to limit the damage people may inflict onto a potentially secured environment, but there may always be a degree of social engineering or perhaps a case where a disgruntled employee quickly learns how to counter your defenses from the inside, which would still leave you extremely vulnerable. In addition, many people are entirely overconfident with their knowledge of computer systems. It is not uncommon that a person would feel they know exactly what they are doing and what all the consequences are simply because they are proficient with an application.

Technology cannot be undermined, however. It is essential to be up to par constantly to defend yourself even against physical attacks, and without proper policies in place, mistakes are likely to be made, leaving your systems wide open to potential attackers.

#15 tibbar

Posted 28 April 2005 - 03:43 AM

clearly a disgruntled employee determined to cause trouble is going to be a problem.

My point is if you use a secure OS with limited privileges for users, strong firewalls + IDS and a good backup policy on data, then it is actually quite difficult for someone to cause a problem on the network.

Even if someone is fooled into running a dangerous attachment, visits spy-infected sites etc., the limited privilege account will prevent any serious damage taking place.

The IDS + firewall will stop 95% of LAN bypassing backdoors.

So my point is that people are always a weak point, but with careful use of technology we can limit the damage people can cause - e.g. losing a password to a limited privilege account is not such a terrible thing.