RE: [fw-wiz] RE: In defense of non standard ports





-----Original Message-----
From: firewall-wizards-admin@xxxxxxxxxxxxxxxxxx On Behalf Of Paul D. Robertson

On Fri, 27 Jan 2006, R. DuFresne wrote:



Now to the end of the statement, do they have pull with mgt? Well, they
are pulling in a far different direction the more they tend to ruffle
whole departments by crying wolf <sorry, no that trojan port your nessus
scan spotted means less this month then it did last month you spewed it
up the mgt hill on our RACF mainframe, or sorry no your nessus skills are
not truly honed if you think pcanywhere is running on that solaris box>.

But it's a long climb from "Hey, you're a computer person, here's a
security hat" to "Hey, let's hire some security people." That's a big
jump forward- NOW we need to direct that energy more productively. That's
why I think we need to go back and start rattling firewall ruleset cages
instead of looking at shiny IDS reports, we've now got to get some
common, solid, understood security baseline industry-wide, otherwise we
all get painted with the "ineffective" brush.
---------------------

I have just started to teach a course in computer/information security to people
studying for a community college diploma in (physical) security management. They
are not computer types but are much more aware of the principles of security
than most computer people. Perhaps these are the people to help get computer
security out of the bench jockey mode and into the "this a priority in how we
run this organization" mode.
Interestingly with respect to non standard ports. Yesterday I explained that
computer ports are somewhat like doors and loading bays in a building. One of
the principles of physical security is that you should never allow a door to be
unlocked without authorization (either a guard or an authorized person with the
key). They were aghast when I explained that some systems let people arbitrarily
add new ports to their servers without a security review for the necessity. It
would be a firing offence to have someone decide that they could leave a loading
dock open all week just so that someone could deliver something next Saturday.

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • OT: What will he do next?
    ... That was National Security. ... President Bush said Tuesday that a deal allowing an Arab company to take ... Senate Republican Leader Bill Frist urged the administration to ... Ports World, a state-owned business in the United Arab Emirates. ...
    (comp.sys.hp.mpe)
  • Re: Political Analysis of Security Products
    ... > bee collected nor has any evidence of such a backdoor ever really been ... send several packets to ports on the target system. ... be used for booth sides of the security game. ...
    (Pen-Test)
  • Re: Port security, continued
    ... CITING NATIONAL SECURITY, ... WASHINGTON - PRESIDENT BUSH WAS UNAWARE OF THE PENDING SALE ... THE WHITE HOUSE SAID WEDNESDAY. ... EMERGENCY LEGISLATION TO SUSPEND THE PORTS DEAL. ...
    (sci.med.transcription)
  • Re: How you can help
    ... pleased to have you here as I sign a bill that will help protect the ... American people and our ports. ... Homeland Security, Michael Chertoff, for his service to the country. ... appreciate that Senate Majority Leader Bill Frist has joined us. ...
    (rec.gambling.poker)
  • Re: Finally, a secure computer
    ... paranoia in the security aspects of IIS administration. ... security at the IBM website is compromised, ... I ran a port check on 10,000 plus ports (I ... > trouble downloading updates [I'm not sure about AVG pro, ...
    (microsoft.public.inetserver.iis.security)