RE: [fw-wiz] Transitive Trust: 40 million credit cards hack'd

From: Paul Melson (
Date: 06/21/05

  • Next message: Behm, Jeffrey L.: "RE: [fw-wiz] Transitive Trust: 40 million credit cards hack'd"
    To: "'Behm, Jeffrey L.'" <>, "'Marcus J. Ranum'" <>, "'David Lang'" <>
    Date: Tue, 21 Jun 2005 10:16:22 -0400

    It's a failed analogy all around, though. In the case of bear vs. runner,
    one bear can only maul one runner at one time. I've got screens and screens
    worth of alert data that show that a single e-bear can chase and maul
    thousands of runners at the same time.

    I agree that doing something is better than doing nothing. I also agree
    that 2-factor AAA is viable and definitely worth the effort and expense for
    some organizations (including mine). But if your goal for securing your
    organization is to be better than you think your "neighbors" (whether
    they're in physical, logical, or market proximity) are, then all you can
    hope to achieve is to not suffer a compromise at the same time in the same
    way as your neighbors.

    As far as making my network a "hard target" in the military sense (Google
    for "hard target interdiction" or HTI), no thank you. :)


    -----Original Message-----
    Subject: RE: [fw-wiz] Transitive Trust: 40 million credit cards hack'd

    And you (and others) assume there's only two runners.

    I still think I'll make an attempt to out run the bear and be as tough a
    target as I can afford, and hope the bear is smart enough to pursue the easy

    The point is, don't make yourself the _easy_ target, when there are things
    you can do that the other (easier targets) aren't doing.
    When there are enough bears and few targets, everyone will get attacked, but
    don't lightly toss aside the benefit of making yourself as hard a target as
    you can afford. Right now, there are still plenty of honey-soaked targets
    for the bears to enjoy.

    I'm not necessarily saying this is a completely fail-safe way to secure your
    environment, but from what I have seen of other environments, at least the
    honey isn't dripping off you and leaving a trail for the bear to easily
    follow. Let it drip off the other guy(s).

    firewall-wizards mailing list

  • Next message: Behm, Jeffrey L.: "RE: [fw-wiz] Transitive Trust: 40 million credit cards hack'd"

    Relevant Pages

    • Re: Bear intruder takes 10 rounds before going down
      ... A neck shot is ... We're not talking about a bear giving ... Under 50 feet, paper targets don't stand a chance. ... A moving target like a 300 lb bear is a different story, there would probably be no neck target. ...
    • Re: For FUCKS SAKE!! Holiday plans etc
      ... Bear wrote; ... hurricane season, ... Sounds like an excuse. ... The season is June to November, but 90% of the action (if on target) is August/September. ...
    • Re: Lost Lake Breath of Life Trail Run 2006 (long)
      ... Alaska - A runner near Soldotna was mauled by a grizzly sow ... Centennial Trail near the headquarters of the Kenai National Wildlife ... Refuge when they spooked the bears. ... The adult bear knocked down the victim and darted between the runners ...