Most Critical Part Of Security
Posted 27 April 2005 - 05:12 PM
Posted 27 April 2005 - 05:19 PM
You might have educated your people, but what if your policies, best practices, procedures ain't up to the mark..
People most definitely, you could have the world's greatest firewall, IDS/IPS etc. etc. in place, and all it takes is one disgruntled employee to kick the server.
I guess it has to be both people and process..
Posted 27 April 2005 - 08:50 PM
And if you have an insecure OS, a competent admin would be able to implement temporary fixes or apply patches to secure it.
Posted 27 April 2005 - 09:03 PM
We know that tech can't stop a social engineer nor can some procedures/processes. Educating people to understand risks, threats, etc. can go a long way for the simplest of attacks.
Additionally, keeping an open mind as to the kinds of attack vectors is important. 10 years ago (*GAH* I've been online THAT long?!!?) spyware, e-mail e-commerce phishing and worms that we see today would have never been conceived of or imagined. What will be attack vectors of tomorrow? Who knows. But keeping open about it and, even if it sounds impossible now, keep watching for it.
Posted 27 April 2005 - 09:57 PM
belgther... aka... belgther
Posted 27 April 2005 - 10:00 PM
also people are the creators of processes and tech so it is always people. a computer can't make a mistake, a person can (and will).
The Syringe - My Latest Project.
Errors, Vulnerabilities & Exploits explained.
Posted 27 April 2005 - 11:51 PM
You will always find someone who will open a zip file attached to an email from someone they've never heard of with a content that makes little sense. When asked, they will invariably say that they wouldn't do it at home, but they thought they'd be safe. This makes NIDS and AV pointless.
BTW, I reckon that the future of security breaches will be a spam email sent to an entire company's email address space containing an exploit that'll download a trojan containing a keylogger. The trojan will then log all keypresses when the current user name appears in the browser etc and then upload it via HTTPS to a compromised site. NIDS can't touch it unless you have an SSL proxy, AV won't detect it if you use a keylogger with a "Legitimate commercial purpose" and you'll have the keys to the kingdom!
What process or technology will stop that? None, only education will mitigate against the threat.
Posted 28 April 2005 - 01:22 AM
People use easily guessable passwords, open dangerous files in emails without checking them first..
For example, just create a page which contains the words "DO NOT ENTER HERE"
and you'll be surprised how many people will go there.
Posted 28 April 2005 - 02:29 AM
Technology can go a long way to limit the damage people may inflict onto a potentially secured environment, but there may always be a degree of social engineering or perhaps a case where a disgruntled employee quickly learns how to counter your defenses from the inside, which would still leave you extremely vulnerable. In addition, many people are entirely overconfident with their knowledge of computer systems. It is not uncommon that a person would feel they know exactly what they are doing and what all the consequences are simply because they are proficient with an application.
Technology cannot be undermined, however. It is essential to be up to par constantly to defend yourself even against physical attacks, and without proper policies in place, mistakes are likely to be made, leaving your systems wide open to potential attackers.
Posted 28 April 2005 - 03:43 AM
My point is if you use a secure OS with limited privileges for users, strong firewalls + IDS and a good backup policy on data, then it is actually quite difficult for someone to cause a problem on the network.
Even if someone is fooled into running a dangerous attachment, visits spy-infected sites etc., the limited privilege account will prevent any serious damage taking place.
The IDS + firewall will stop 95% of LAN-bypassing backdoors.
So my point is that people are always a weak point, but with careful use of technology we can limit the damage people can cause - e.g. losing a password to a limited privilege account is not such a terrible thing.