Re: [ISN] Cracks in the Firewall

From: InfoSec News (isnat_private)
Date: Tue Apr 16 2002 - 00:26:24 PDT


    Forwarded from: security curmudgeon <jerichoat_private>
    cc: joe.duffyat_private
    
    > http://www.businessweek.com/bwdaily/dnflash/apr2002/nf2002049_1803.htm
    > 
    > APRIL 9, 2002 
    > SECURITY NET 
    > By Alex Salkever 
    > 
    > Thanks to sophisticated new attack methods, computer security has to
    > go beyond the old standby of merely keeping intruders out
    
    > "DIFFERENT SCENARIO."  This explains why intruders increasingly play
    > off this connectivity to target systems that require a certain
    > degree of openness to function as a business tool. "The
    > [pre-Internet] computing technologies were designed to keep people
    > out. The Internet is all about letting people in. That's a different
    > security scenario,"  explains Joe Duffy, national security practice
    > manager for PricewaterhouseCoopers.
    
    Well, I think this pretty much establishes that Joe Duffy was not on
    the net before 1995 or so.
    
    Hrm, let's find his bio.
    
    Joe Duffy is Lead Partner for the National Security Practice of
    PricewaterhouseCoopers. An author and frequent speaker on business
    technology issues, Mr. Duffy is responsible for the strategic
    direction, growth and vision of the US Security Practice for
    PricewaterhouseCoopers.
    
    That screams "upper management" and "i have a problem comprehending a
    mouse with three buttons" to me.
    
    First, what is "pre-Internet" computing? Talking about the mainframes
    of 1960? Since the Internet was basically founded/born/created in
    1969, that would put his statement somewhere between "absurd" and
    "fucking stupid". I hate to be the one who beats Duffy with a
    clue-by-four, but computers and operating systems were NOT designed to
    keep people out "pre-Internet", pre 1995 (my guess as to his online
    history), or even today. Wonder if Duffy has installed a copy of NT or
    Linux lately and noticed that the security posture screams "bend me
    over"? I'd guess not.
    
    > Other insights can be gleaned from ISS's inaugural quarterly report.  
    > Until recently, the most common type of Internet attack was "denial
    > of service," whereby malicious hackers break into computers
    > connected to the Net and command them to fire incessant data
    > requests at a Web site. That shuts off access to the site and can
    > damage it.
    
    I'd love to see the details that went into this study and figures.
    There seems to be a lot of leeway here as to what one considers
    "attack", how you qualify separate attacks, etc.
    
    If an attacker breaks into a machine to be able to launch a DoS
    attack, then wouldn't it be closer to a 1:1 ratio between non DoS
    compromises and DoS attacks? Especially DDoS attacks that have kids
    breaking into 1,000 machines to create their zombie army. Add on to
    that the regular non DoS kiddies, and it seems that DoS attacks might
    not be the most prevalent. Also factor in tracing DoS attacks since
    they all spoof their packets and are a bitch to track back. Factor in
    that none of the backbone ISPs will lift a finger to trace those
    attacks, instead they just block all the traffic at a border router
    and celebrate a job well done. The nature of non DoS, non defacing
    attacks is to stay hidden. That has historically made any type of
    computer crime/hacking statistic difficult to pin down.
    
    All in all, I don't think these statements can easily be made short of
    a lot more research.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Apr 16 2002 - 03:45:50 PDT