RE: NIPC Daily Report, 30 October 2001

From: Andrew Plato (aplato@private)
Date: Wed Oct 31 2001 - 14:03:16 PST

Next message: The Berean: "Re: Denial of Service Attacks on Internet 2"

Previous message: Alan: "Re: NIPC Daily Report, 30 October 2001"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Alan wrote...
 
> Unfortunately, even some in the security industry feed off that fear.
> 
> Security people need to remain level-headed.  Panic and 
> paranoia does not 
> help the thought process. If you are going to defend systems 
> against an 
> unknown, you need to have all of your wits about you, or else 
> you end up 
> spending huge amounts of time and money on things that don't 
> help, and may 
> make things worse.  

You are very correct Alan. In my line of work (network and computer
security) there are many consultants and companies who live off
terrifying people about hackers. Their rhetoric is usually designed to
frighten them into buying expensive solutions or cumbersome network
designs. And most of the time, these solutions are crap. 

Hackers are a problem, there is no doubt about that. But, there is also
some very basic and relatively inexpensive ways to stop hackers and
dramatically lower risk and exposure. Unfortunately, given current
events, these doomsayers are getting a lot of coverage and press. Just
last night on some news show, there was some mouthing fool going on
about how the Internet is doomed. 

The overriding common thread among these people is that they just want
attention. They don't have solutions or answers - just complaints. Like
a person who bickers constantly through a movie that it isn't "real
enough" for their tastes. 

The fact is, we should focus our attention on solving security problems
and reducing risk. Yeah - hackers are out there. Now let's spot, track,
and stop these people. 

Same with terrorists. There are people out there that are evil, hateful
people who want to do harm. We need methods to spot, track, and stop
these people. 

Like all industries, the network security industry is evolving.
Hopefully, the doomsayers and snake oil salespeople will get pushed out
soon and the realistic, honest, and practical solutions will dominate.
But, it requires all of us to demand that the doomsayers shut up and
focus on solving problems.

As the saying goes: if you're not part of the solution, you're part of
the problem.

------------------------------------
Andrew Plato
President / Principal Consultant
Anitian Corporation

(503) 644-5656 office
(503) 201-0821 cell
http://www.anitian.com
Yahoo Messenger: Anitian
------------------------------------

Next message: The Berean: "Re: Denial of Service Attacks on Internet 2"
Previous message: Alan: "Re: NIPC Daily Report, 30 October 2001"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:29:24 PDT