http://www.gnucitizen.org/blog/there-is-no-spoon/ Cutting-edge Think tank | Ethical Hacker Outfit Sun, 20 Jul 2008 10:47:02 +0000 http://wordpress.org/?v=2.5.1 http://www.gnucitizen.org/blog/there-is-no-spoon/#comment-120331 McGrew Security Blog » Blog Archive » links for 2008-04-29 Tue, 29 Apr 2008 22:32:00 +0000 http://www.gnucitizen.org/blog/there-is-no-spoon/#comment-120331 [...] There is no spoon… | GNUCITIZEN Paul guest-blogs for gnucitizen. Essentially, the crunchy-outer-layer/chewy-center model of security is dead, has been dead for some time, and the sooner you realize it the better. (tags: security) [...] [...] There is no spoon… | GNUCITIZEN Paul guest-blogs for gnucitizen. Essentially, the crunchy-outer-layer/chewy-center model of security is dead, has been dead for some time, and the sooner you realize it the better. (tags: security) [...]

]]> http://www.gnucitizen.org/blog/there-is-no-spoon/#comment-119484 MadIrish Tue, 22 Apr 2008 19:18:18 +0000 http://www.gnucitizen.org/blog/there-is-no-spoon/#comment-119484 I recently attended a training seminar on business decision making and one of the most interesting things the speaker pointed out was that the best solution to a problem is to recast the situation so that the problem is no longer a problem. This is classic "out of the box" thinking. It's interesting to see network security evolve a paradigm shift that treats the network as hostile (even the internal network). It is this kind of shift that allows you to remove many traditional "problems" of security by assuming they're actually the norm rather than anomalous. I think the crux of this approach is to recognize that most servers provide open services to the internet. When an attacker attempts a brute force of a service it's not actually an attack, or even an exploitation of the service, the attacker is utilizing the service *exactly* as it was intended. While the behavior may be the harbinger of "very bad" things to come, the system itself is operating according to design. In order to remove the attacker's brute force attack you have to fundamentally change the design of the public service, or accept the attack as part of the normal state affairs. I recently attended a training seminar on business decision making and one of the most interesting things the speaker pointed out was that the best solution to a problem is to recast the situation so that the problem is no longer a problem. This is classic “out of the box” thinking. It’s interesting to see network security evolve a paradigm shift that treats the network as hostile (even the internal network). It is this kind of shift that allows you to remove many traditional “problems” of security by assuming they’re actually the norm rather than anomalous. I think the crux of this approach is to recognize that most servers provide open services to the internet. When an attacker attempts a brute force of a service it’s not actually an attack, or even an exploitation of the service, the attacker is utilizing the service *exactly* as it was intended. While the behavior may be the harbinger of “very bad” things to come, the system itself is operating according to design. In order to remove the attacker’s brute force attack you have to fundamentally change the design of the public service, or accept the attack as part of the normal state affairs.

]]> http://www.gnucitizen.org/blog/there-is-no-spoon/#comment-119433 GNUCITIZEN Security Article at Cus Productions Tue, 22 Apr 2008 11:50:11 +0000 http://www.gnucitizen.org/blog/there-is-no-spoon/#comment-119433 [...] course on “Cutting-Edge Hacking Techniques”. He summarises a lot of the basics over at GNUCITIZEN. I especially like: There is no “inside” - Treat your network as if it is always exposed [...] [...] course on “Cutting-Edge Hacking Techniques”. He summarises a lot of the basics over at GNUCITIZEN. I especially like: There is no “inside” - Treat your network as if it is always exposed [...]

]]>