Great Circle Associates Firewalls
(May 1996)

Subject: Re: Sidewinder: Re: FW: MISSI- and DMS- compliancy
From: Frank Willoughby <frankw @ in . net>
Date: Thu, 30 May 96 13:12:34 -0400
To: firewalls @ GreatCircle . com

At 03:22 PM 5/30/96 +0200, Rolf Weber <weber @ iez . com> allegedly wrote:

>> 
>> >That's an important point -- don't waste money on defenses that don't
>> >work, or if the threat isn't worth the security costs. Security
>> >resources are finite, so focus on important and effective defenses.
>> 
>> I don't believe I'm reading this - particularly from Rick who is a
>> frequent poster.  
>> 
>> "Don't waste money on defenses that don't work"  
>> Apparently, they do.  So far, Raptor, V-ONE, Digital all claim to have 
>> implemented User->Firewall encryption (and are application gateways).
>> 
>> "or if the threat isn't worth the security costs"
>> The defense of our country isn't worth $20-30K to protect it from 
>> known attacks which are in use today???
>> 
>what's wrong with "don't waste money if the threat isn't worth the
>security costs"???
>this is a *very* *very* true sentence!

An excellent point and one that is absolutely true.  However, let's 
consider the current environment and answer the two main questions
when used to figure the type of security solution to use:

What is the threat (including the probability thereof)?

 The threat: DoD is getting pounded on @250,000 attempts per year -
 with that figure doubling each year.  Therefore, the incidence of
 threat would be considered very high.


What is the value of the data you are protecting?  
 If the data is trivial, then security involving restoring the backups 
 may suffice.  However, in this case, we are talking about national 
 security issues - where security has a higher priority than other
 issues.

Third.  The technology already exists as off-the-shelf solutions
from DEC, Raptor, & V-ONE.  Why bother to re-engineer the wheel
when it has already been solved?  For a *real* cheap solution, just
front-end the firewall with a SmartGate (or incorporate the beast
into the firewall itself)?




>another point:
>even with user->firewall encryption, you're vulnerable when
>  - you can't trust the outside user (apparently)
>or
>  - you can't trust the outside host.
>sorry, but if your "defense of our country" depends on the net you're
>protecting, you can *not* allow *any* incoming connection, even the
>outgoing are dangerous.
>(of course, user->firewall encryption is a strong protection when
>incoming connections are *acceptable* risks.)
>

All of which are excellent points.  (It is a pleasure to exchange mails
with you). 8^)  

Taking your points one-at-a-time:

"You can't trust the outside user"
 Even with Fortezza & Digital Signatures, an attacker could still hold 
 a gun to the head of the person trying to log in.  While duress codes
 may or may not be in use, the person may or may not actually use it -
 depending on how much the person is threatened.

"You can't trust the outside host"
 Another good point.  How do you know that the host connecting to your
 system isn't connected to many others as well  OR  that an attacker
 isn't on the host at the same time as the legitimate user?

The point about not allowing any incoming connections is well taken,
but unfortunately, the concept is slowly fading away.  <sadly>  Today's 
business (and military) models require secure two-way communications 
& networking.  I agree that *any* incoming connections carry a risk 
with them and that it is best to block these whenever possible.  
The problem is that business runs the company - not security (with 
the exception of the military).  As long as security can provide 
business with the ability to get their job done - with as little 
expense as possible and not being too intrusive to business operations,
then security will probably succeed.  If they can't, business will
decide that this is "an acceptable risk" and decide not to implement
security.  The decision may be incredibly stupid, but it is their
decision to make.  It's a bad hand we've been dealt, but we just
need to make the best of it.

Many thanks for your mail.

>rolf
>-- 
>-----------------------------------------
>Rolf Weber <weber @ iez . com> | All I ask is a chance
>IEZ AG   D-64625 Bensheim  | to prove that money
>++49-6251-1309-109         | can't make me happy.

Kind regards,

Best Regards,


Frank
Any sufficiently advanced bug is indistinguishable from a feature.
	-- Rich Kulawiec

<standard disclaimer>
The opinions expressed above are of the author and may not 
necessarily be representative of Fortified Networks Inc.

Fortified Networks Inc. - Information Security Consulting 
http://www.fortified.com     Phone: (317) 573-0800     FAX: (317) 573-0817     
Home of the Free Internet Firewall Evaluation Checklist
