A pet peeve of mine is this perpetual mantra, in security circles, to
the effect that if it is *possible* to circumvent a security measure (e.g.
filtering in source ports) then that measure is not only useless but will
inevitably lead the helpless sysadmin down the garden path, creating a false
sense of security and actually making things worse.
This is pure unadulterating rubbish. The typical vandal is a duffer
who won't make it past the first hurdle. The ones who actually know something
will be slowed down, and may be encouraged to move on to greener pastures.
These are good things. The fewer people you have actually reaching your iron
gate the lower the probability that someone will stumble over that bug in it.
There is a reason they started putting moats around castles, and it wasn't
because the enemy couldn't swim.
Of course a sysadmin needs to not be overwhelmed by a false sense of
security. A line in the manual pointing out that source ports can be spoofed
will accomplish this, in the case in point. Presumably moat-builders of old
mentioned that Huns could swim so, possibly, some walls to go with the castle
would be a good plan, as well as the moat.
The point here is that even weak measures have non-zero value and can
be usefully factored into the risk evaluations. It is, of course, essential
that weak measures be noted as such, so their value can be accurately known,
but this is part of what manuals and forums like this one do.
Andrew Molitor
|
|
