RE: Fw: [ISN] Firewalls a dangerous distraction says expert

  • From: "Steve Moffat" <steve@xxxxxxxxxx>
  • To: "ISA Mailing List" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 8 Jul 2005 11:50:54 -0300

Absolutely........ 

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Friday, July 08, 2005 11:43 AM
To: ISA Mailing List
Subject: [isalist] RE: Fw: [ISN] Firewalls a dangerous distraction says expert

http://www.ISAserver.org

I think the Brits would call this guy a wanker, but I'm not sure ;-)

-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
Sent: Friday, July 08, 2005 9:44 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Fw: [ISN] Firewalls a dangerous distraction says expert

Great.  Just what we needed-- a "security researcher" at the SDSC
telling us that firewalls are a "dangerous distraction."

Ra, Ra, Ra.

t


----- Original Message -----
From: "InfoSec News" <isn@xxxxxxx>
To: <isn@xxxxxxxxxxxxx>
Sent: Friday, July 08, 2005 1:21 AM
Subject: [ISN] Firewalls a dangerous distraction says expert


> http://www.techworld.com/security/news/index.cfm?NewsID=3992
>
> By Rodney Gedda
> Computerworld Australia
> 07 July 2005
>
> A preoccupation with firewalls is diverting attention and resources
> away from the more important issue of locking systems down, according
> to an expert.
>
> Computer security researcher at the San Diego Supercomputing Center
> (SDSC), Abe Singer said companies can spend 90 percent of their
> security efforts on firewalls and not much of anything else. "I'm not
> saying firewalls are completely irrelevant, but how much effort do you
> spend on security?" Singer asked. "Do security at the host, not just
> the perimeter. You should be worried about what users are doing,
> because if an attacker is going through the perimeter [without secure
> hosts] then it's game over."
>
> Speaking at the Australian Unix and open systems user group (AUUG),
> Singer prides himself on the claim that the SDSC has gone four years
> without a root-level intrusion to its systems - without using a
> firewall. "At the SDSC we don't use a firewall, it's not feasible," he
> said. "Since we have to secure hosts individually if we had a firewall
> it would be so open it would be useless."
>
> Singer said there is a perception that a firewall is a must-have. He
> cited Visa's server requirements for online merchants which stated
> they must have a firewall, but did not specify any configuration
> details. "Too much of the security budget is being spent on firewalls
> which also get too much attention [and] it's also 'cool' to have a new
> firewall to play with," he said, adding that other appliances like
> intrusion detection and prevention systems are an extension of the
> same idea.
>
> "People are attracted to the idea that security can be bought [and]
> it's hard to differentiate between marketing hype and reality," he
> said. "We have a known 'good' config and when we find something is bad
> it's consistently fixed."
>
> Singer is adamant that intrusion will not be stopped by a firewall and
> attackers have used Trojan SSH clients to steal user names and
> passwords. Other practices Singer recommends include not running
> services you don't need, for example, services that are only required
> internally don't need to be external.
>
> "You really need to think through your processes [and] relying on a
> firewall means you're probably doing security wrong," he said.
> "Surveys have shown that 60 percent of security breaches are internal
> but 70 percent of people are worried about hackers on the outside.
> Internal breaches are worse, because someone has a level of access and
> knows where the assets are. If an attacker was really looking at
> compromising a company's assets he or she would get a job in the mail
> room."
>


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

The correct technical term for haggis stalking is "havering". 
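Singer's advice in the forwarded article (do security at the host, don't run services you don't need, keep internal-only services off external interfaces) boils down to a check that can be scripted and run on every host. What follows is an added example, not code from this thread, from the article, or from SDSC: it parses the output of `ss -Hlntu` (Linux iproute2, assumed to be present) and flags every listener bound to a wildcard address whose port is not on an allow-list of services that are meant to be reachable from outside. The sample `ss` output embedded below is constructed, and the allow-list of just port 22 is an assumption for the example.

```python
import subprocess
from dataclasses import dataclass

# Local addresses that mean "every interface". A service bound here is
# reachable from off-host unless a packet filter happens to stop it, which is
# exactly the reliance on the perimeter the article argues against.
WILDCARD_ADDRS = {"0.0.0.0", "*", "::", "[::]"}


@dataclass(frozen=True)
class Listener:
    proto: str  # "tcp" or "udp"
    addr: str   # local address, without any %interface scope suffix
    port: int


def parse_ss(output: str) -> list[Listener]:
    """Parse lines of `ss -Hlntu` (Netid State Recv-Q Send-Q Local Peer ...)."""
    listeners = []
    for line in output.splitlines():
        parts = line.split()
        if len(parts) < 5 or parts[0] not in ("tcp", "udp"):
            continue
        addr, _, port = parts[4].rpartition(":")
        if not port.isdigit():
            continue  # not a numbered listener (e.g. "*:*")
        addr = addr.split("%", 1)[0]  # "127.0.0.53%lo" -> "127.0.0.53"
        listeners.append(Listener(parts[0], addr, int(port)))
    return listeners


def exposed_listeners(listeners, allowed_external_ports):
    """Listeners on a wildcard address whose port is not meant to be external."""
    return [l for l in listeners
            if l.addr in WILDCARD_ADDRS and l.port not in allowed_external_ports]


def audit_report(output: str, allowed_external_ports) -> list[str]:
    """One line per finding, suitable for a cron job's mail or a log."""
    return [f"{l.proto} {l.addr}:{l.port} listens on all interfaces but is not "
            f"on the external allow-list; bind it to loopback or disable it"
            for l in exposed_listeners(parse_ss(output), allowed_external_ports)]


# Constructed sample output (not captured from a real host): sshd on v4 and v6,
# MySQL correctly on loopback, Redis and rpcbind wide open, resolver on 127.0.0.53.
SAMPLE_SS = """\
tcp   LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
tcp   LISTEN 0      128             [::]:22           [::]:*
tcp   LISTEN 0      80         127.0.0.1:3306      0.0.0.0:*
tcp   LISTEN 0      511          0.0.0.0:6379      0.0.0.0:*
udp   UNCONN 0      0      127.0.0.53%lo:53        0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:111       0.0.0.0:*
"""

# Ports that are supposed to be reachable from outside this host (assumed).
ALLOWED_EXTERNAL = {22}


def audit_live(allowed_external_ports=ALLOWED_EXTERNAL) -> list[str]:
    """Run the check against the real host (Linux with iproute2 assumed)."""
    out = subprocess.run(["ss", "-Hlntu"], capture_output=True, text=True,
                         check=True).stdout
    return audit_report(out, allowed_external_ports)


if __name__ == "__main__":
    for finding in audit_report(SAMPLE_SS, ALLOWED_EXTERNAL):
        print(finding)
```

On the sample the report names Redis (tcp 6379) and rpcbind (udp 111); sshd is on the allow-list and MySQL and the stub resolver are already on loopback, so they pass. Run `audit_live()` from cron and diff its output against the previous run to get the "known good config, fix what drifts" practice the article describes, without a firewall in the picture.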