Re: [fw-wiz] RE: In defense of non standard ports



On Fri, 27 Jan 2006, R. DuFresne wrote:

> I had to stop here, for the term "security professionals" is a hard one to 
> define, does this imply certified persons?  Also, working for a state gov, 

No, it means people getting paid to do security work.  That implies that 
management is willing to pay *something* for ongoing security.

> I can state plainly, security professionals/certified persons means little 
> where I earn a paycheck, as they tend to have certs indeed, and yet lack a 
> skill between the whole group of 10 or so, in fact we could hire monkeys to 
> accomplish the same "scan reports" that are the height of their abilities.

While I'm constantly dismayed by the lack of true understanding in the 
field, that doesn't abate the fact that someone's paying for something 
security-ish.

> Now to the end of the statement, do they have pull with mgt?  Well, they 
> are pulling in a far different direction the more they tend to ruffle 
> whole departments by crying wolf <sorry, no that trojan port your nessus 
> scan spotted means less this month than it did last month you spewed it 
> up the mgt hill on our RACF mainframe, or sorry no your nessus skills are 
> not truly honed if you think pcanywhere is running on that solaris box>.

But it's a long climb from "Hey, you're a computer person, here's a 
security hat" to "Hey, let's hire some security people."  That's a big 
jump forward- NOW we need to direct that energy more productively.  That's 
why I think we need to go back and start rattling firewall ruleset cages 
instead of looking at shiny IDS reports; we've now got to get some 
common, solid, understood security baseline industry-wide, otherwise we 
all get painted with the "ineffective" brush.

> We have more personnel that do not work with ISO with a clue towards 
> security in their respective realm/OS/platform or on a whole than any of 
> the certified monkeys that ISO has hired to "secure" this state, and the 
> more pull with mgt they have means the worse things get with each new 
> project rolled out...
> 

It's a problem many would be happy to have- the assault has begun, you 
have a gun, it's just pointed at your own foot.  You can adjust your aim- 
some folks out there are still trying to get to step one.  We do need to 
get people away from thinking IDS reports are filled with security-fu.

How many here have taken Avishai's study and compared it to their own 
rulesets?  Their business partners?  Forwarded a synopsis or copy up the 
chain?

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
paul@xxxxxxxxxxxx       which may have no basis whatsoever in fact."
http://fora.compuwar.net      Infosec discussion boards 

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
