Absolutely........

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Friday, July 08, 2005 11:43 AM
To: ISA Mailing List
Subject: [isalist] RE: Fw: [ISN] Firewalls a dangerous distraction says expert

http://www.ISAserver.org

I think the Brits would call this guy a wanker, but I'm not sure ;-)

-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
Sent: Friday, July 08, 2005 9:44 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Fw: [ISN] Firewalls a dangerous distraction says expert

http://www.ISAserver.org

Great. Just what we needed-- a "security researcher" at the SDSC telling us that firewalls are a "dangerous distraction." Ra, Ra, Ra.

t

----- Original Message -----
From: "InfoSec News" <isn@xxxxxxx>
To: <isn@xxxxxxxxxxxxx>
Sent: Friday, July 08, 2005 1:21 AM
Subject: [ISN] Firewalls a dangerous distraction says expert

> http://www.techworld.com/security/news/index.cfm?NewsID=3992
>
> By Rodney Gedda
> Computerworld Australia
> 07 July 2005
>
> A preoccupation with firewalls is diverting attention and resources
> away from the more important issue of locking systems down, according
> to an expert.
>
> Computer security researcher at the San Diego Supercomputing Center
> (SDSC), Abe Singer said companies can spend 90 percent of their
> security efforts on firewalls and not much of anything else. "I'm not
> saying firewalls are completely irrelevant, but how much effort do you
> spend on security?" Singer asked. "Do security at the host, not just
> the perimeter. You should be worried about what users are doing,
> because if an attacker is going through the perimeter [without secure
> hosts] then it's game over."
>
> Speaking at the Australian Unix and open systems user group (AUUG),
> Singer prides himself on the claim that the SDSC has gone four years
> without a root-level intrusion to its systems - without using a
> firewall. "At the SDSC we don't use a firewall, it's not feasible," he
> said. "Since we have to secure hosts individually if we had a firewall
> it would be so open it would be useless."
>
> Singer said there is a perception that a firewall is a must-have. He
> cited Visa's server requirements for online merchants which stated
> they must have a firewall, but did not specify any configuration
> details. "Too much of the security budget is being spent on firewalls
> which also get too much attention [and] it's also 'cool' to have a new
> firewall to play with," he said, adding that other appliances like
> intrusion detection and prevention systems are an extension of the
> same idea.
>
> "People are attracted to the idea that security can be bought [and]
> it's hard to differentiate between marketing hype and reality," he
> said. "We have a known 'good' config and when we find something is bad
> it's consistently fixed."
>
> Singer is adamant that intrusion will not be stopped by a firewall and
> attackers have used Trojan SSH clients to steal user names and
> passwords. Other practices Singer recommends include not running
> services you don't need, for example, services that are only required
> internally don't need to be external.
>
> "You really need to think through your processes [and] relying on a
> firewall means you're probably doing security wrong," he said.
> "Surveys have shown that 60 percent of security breaches are internal
> but 70 percent of people are worried about hackers on the outside.
> Internal breaches are worse, because someone has a level of access and
> knows where the assets are. If an attacker was really looking at
> compromising a company's assets he or she would get a job in the mail
> room."
>
>
>
> _________________________________________
> Attend the Black Hat Briefings and
> Training, Las Vegas July 23-28 -
> 2,000+ international security experts,
> 10 tracks, no vendor pitches.
> www.blackhat.com
>

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
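The host-side practice the quoted article recommends (only expose the services that genuinely need to be external, and keep a known-good configuration to diff against) can be turned into a repeatable check. The script below is an added example written for this page; it is not code from the ISA list thread, from InfoSec News, or from SDSC. It parses the output of Linux ss(8) in `ss -tlnp` form, treats every listener that is not bound to loopback as network-reachable, and flags any such listener whose port is not on an allowlist. The ss output embedded in the block is constructed sample data, and the allowlist of ports 22 and 80 is an assumed policy for the host being audited, not anything the article specifies.

```python
"""Audit listening TCP sockets against a known-good allowlist.

Added example (not code from the thread above or from SDSC): it turns
the advice "services that are only required internally don't need to be
external" into a check a Linux host can run. SAMPLE_SS_OUTPUT is
constructed ss(8) output; ALLOWED_EXTERNAL_PORTS is an assumed policy.
"""
from __future__ import annotations

import re
import subprocess
from dataclasses import dataclass

# Constructed sample of `ss -tlnp` output (not captured from a real host).
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port  Process
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*          users:(("sshd",pid=812,fd=3))
LISTEN  0       128     127.0.0.1:3306       0.0.0.0:*          users:(("mysqld",pid=1203,fd=21))
LISTEN  0       4096    *:5432               *:*                users:(("postgres",pid=990,fd=5))
LISTEN  0       511     [::]:80              [::]:*             users:(("nginx",pid=1400,fd=6))
LISTEN  0       128     [::1]:6379           [::]:*             users:(("redis-server",pid=1510,fd=6))
LISTEN  0       128     10.0.0.5:8080        0.0.0.0:*          users:(("java",pid=2200,fd=44))
"""

# Assumed known-good policy for this host: only these TCP ports may listen
# on a non-loopback address. Everything else is expected to bind loopback.
ALLOWED_EXTERNAL_PORTS = {22, 80}

# Pulls the first process name out of ss's users:(("name",pid=...,fd=...)) column.
_PROC_RE = re.compile(r'\(\("([^"]+)"')


@dataclass(frozen=True)
class Listener:
    address: str   # bound address with IPv6 brackets removed; "*" or "0.0.0.0"/"::" is wildcard
    port: int
    process: str

    @property
    def loopback(self) -> bool:
        """True only when the socket is unreachable from the network."""
        return self.address.startswith("127.") or self.address == "::1"


def parse_ss_output(text: str) -> list[Listener]:
    """Parse `ss -tlnp` rows into Listener records, skipping the header."""
    listeners: list[Listener] = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header row or a non-listening socket
        # Local address is "addr:port"; rpartition keeps IPv6 colons intact.
        addr, _, port = fields[3].rpartition(":")
        addr = addr.strip("[]")
        match = _PROC_RE.search(fields[5]) if len(fields) > 5 else None
        listeners.append(Listener(addr, int(port), match.group(1) if match else "?"))
    return listeners


def find_exposed(listeners: list[Listener],
                 allowed_ports: set[int] = ALLOWED_EXTERNAL_PORTS) -> list[Listener]:
    """Listeners reachable from the network whose port is not in the allowlist."""
    return [l for l in listeners if not l.loopback and l.port not in allowed_ports]


def audit_live() -> list[Listener]:
    """Run the same check against the current host (requires iproute2's ss)."""
    out = subprocess.run(["ss", "-tlnp"], capture_output=True, text=True, check=True).stdout
    return find_exposed(parse_ss_output(out))


if __name__ == "__main__":
    for l in find_exposed(parse_ss_output(SAMPLE_SS_OUTPUT)):
        print(f"exposed: {l.process} on {l.address}:{l.port} is not in the allowlist")
```

On the sample data the check reports postgres on the wildcard address and the java process on 10.0.0.5:8080; sshd and nginx pass because their ports are allowlisted, and mysqld and redis pass because they are bound to loopback. A specific interface address such as 10.0.0.5 is deliberately treated the same as a wildcard bind, since it is still reachable from that network. Running `audit_live()` from cron and alerting on a non-empty result gives the "known good config, fix it consistently when it drifts" loop the article describes, without depending on what a perimeter device permits.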