Re: [fw-wiz] Firewalls and 802.1q trunking

From: Mike Hoskins (mike@adept.org)
Date: 12/14/02


From: Mike Hoskins <mike@adept.org>
To: firewall-wizards@honor.icsalabs.com
Date: Sat Dec 14 19:34:16 2002

From: t <miedaner@twcny.rr.com>
> I like to say you that I can grab an employee by the collar and make him
> stop what he is doing or prosecute.

How about disgruntled employees with inside knowledge? I don't like
some of the hype surrounding many Internet-related statistics (they're
generally made up to sell the product at hand), but you should also never
get in the habit of dismissing potential threats. Trust noone. Also,
it's typically cheaper to prepare than to deal with the mess after the
fact (and explain potential downtime or data loss to clients).

"Marcus J. Ranum" wrote:
> The "80% of attacks come from the inside" statistic that
> has been broadly quoted by INFOSEC practitioners is, as far
> as I can tell, completely made up. In fact, the shocking
> results of a recent study revealed that 99.5% of statistics
> regarding Internet Security are made up, or otherwise based
> on flawed assumptions.*

99.5% of statistics are made up. That's the game statisticians (get paid
to) play. ;)

In general, if you just go around grabbing statistics without any attempt
to verify data yourself or apply the results of the lated studies to your
specific installation, needs, etc... You'll waste a lot of money and end
up with a security infrastructure that looks something like swiss cheese.
If you're a security person, you're tasked with asset identification, risk
analysis, etc. Don't trust other people to do your work for you... That
goes for most things in life.

--
Mike Hoskins		This message is RFC 1855 compliant,
mike@adept.org		www.adept.org/pub/rfcs/rfc1855.html