RE: [fw-wiz] Application-level Attacks

From: Marcus J. Ranum (mjr_at_ranum.com)
Date: 02/14/05

    To: "Ofer Shezaf" <Ofer.Shezaf@breach.com>, <firewall-wizards@honor.icsalabs.com>
    Date: Mon, 14 Feb 2005 13:31:42 -0500
    
    

    >"The current generation of firewalls focuses on the network level, kind
    >of like the walls of a fort stopping direct attack," said Pescatore.
    >"However, close to 75% of today's attacks are tunneling through
    >applications.

    This sounds like typical Gartner-spew. There's nothing there
    to back up the numbers, no methodology, no science. How
    did Pescatore come up with that figure, is what I want to
    know? My guess is he found it in the bottom of a box of
    Cracker Jacks.

    The reason I jumped on your post is because I strongly
    believe that in order for computer security to grow up and
    stop being an intellectual backwater - we need to apply a
    little science and attempt to accurately quantify what we
    are doing. That means no more analysts practicing
    proctological numerology, no more self-selected samples
    used in polls, no more proof by vigorous hand-waving.

    The article you reference is a thinly-veiled puff piece for
    "application security gateways" (read: marketing's new
    word for proxy firewalls).

    mjr.

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

