Re: Moving from Defense to Offense (or vice versa) to secure your network

From: Byron Sonne (blsonne_at_rogers.com)
Date: 11/27/05

    Date: Sun, 27 Nov 2005 11:14:51 -0500
    To: Erin Carroll <amoeba@amoebazone.com>
    
    

    > I was having an interesting discussion with a coworker the other day about
    > the differences between pen-testing (offense) and network security work
    > (defense) which we do in our day jobs. <snip>
    > I would be interested to hear some cases you have run into out there.

    I started in the defensive camp and moved to the offensive camp. Was
    just plain easier and more interesting.

    The situation, I think, is highlighted quite nicely by the hobby of lock
    picking. As a kid I held people that could pick locks in almost the same
    regard as magicians, 'cos I couldn't do it and therefore couldn't get my
    mind around the whole deal. Flash forward a couple decades later and I
    finally buy myself a set of lock picks, and subsequently find out that
    it's the easiest thing in the world. Scary thing was, almost everyone I
    passed the kit to turned out to be better than me. Flat out, you're not
    going to get every lock. But you will get most.

    If a man can make it, a man can break it. A good admin has to defend
    against every single attack successfully. An attacker only needs to get
    that one way in that one time. The payoff and risk compared to effort
    and exposure always favours the attacker. So, why not operate in the
    attacker mode too? Instead of investing in the greatest locks for your
    building according to industry heads and 'independent' magazines, go
    around and try to pick your own locks instead and *know* the actual
    state of your defenses.

    The metaphor falls down completely in other regards, but what can you do.
    In reality, the proper mix is going to be both defensive and offensive.


