Re: REVIEW: "Network Security Essentials", William Stallings
From: johns (johnsxxx_at_mudbog.edu)
Date: 04/28/04
- Next message: johns: "Re: REVIEW: "Network Security Essentials", William Stallings"
- Previous message: Rob Slade, doting grandpa of Ryan and Trevor: "REVIEW: "Network Security Essentials", William Stallings"
- In reply to: Rob Slade, doting grandpa of Ryan and Trevor: "REVIEW: "Network Security Essentials", William Stallings"
- Next in thread: johns: "Re: REVIEW: "Network Security Essentials", William Stallings"
- Reply: johns: "Re: REVIEW: "Network Security Essentials", William Stallings"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 28 Apr 2004 11:03:27 -0700
In other words the book is "academic" in nature, and
not realistic in terms of providing actual security on a
network. A new book is being written collectively on
the Internet .. which I would like to recommed to
everybody. It has no title, yet, .. but basically, I can
only describe it in terms of "acceptable losses". Don't
quote me on these figures .. I've been reading too
many sites to be accurate: last year, ebay did 2 billion
dollars in sales. Roughly 21 million was stolen by
spoofing URLs and stealing buyer / seller identities.
Meaning what? Meaning that so-called Internet security
regards financial dealings is a joke !!!!!!!!!!!!!!!!!!!!
For example: If you try to make a VISA payment
through 2Checkout.com, you are likely to get an "address
error - authorization failed: TRY AGAIN" error
message. If you "try again", the error will repeat as
many times as you "try again". Unknown to you, those
VISA payments are actually going through to VISA,
and potentially to an off-shore client. If you don't catch
it in time either: VISA eats it. You get your card canceled.
Ebay does a "charge back" to a seller who is not in-
country ( fat chance ). Or, possibly, it was a spoof site,
and the crook is gone ... many possibilities. This kind
of Social Engineering is ingenious, and all this academic
talk about network security is just silly. Oh .. and if you
call the FEDS about getting ripped off ... there will be
this great silence coming back in the form of a canned
reply suggesting that you "try again". HTML is not spoof
proof at all. Web pages that look like legit sites are
easy to create .. including all the crap about "secure"
connections, and anybody can fall for the con ... including
professionals working inside a so-called secure network
who respond to a link in an email from "the boss" ... the
link sending them to the "bosses" web page where they
give up the shop. The Courts and the big companies
are moving fast to "weasel word" what they do, and
run from potentially about 200,000 lawsuits against
ebay alone ( that is how many hits I got when I googled
"ebay fraud" ). Ebay now claims that they are not
"auctioneers", so it is not their fault :-)
johns
- Next message: johns: "Re: REVIEW: "Network Security Essentials", William Stallings"
- Previous message: Rob Slade, doting grandpa of Ryan and Trevor: "REVIEW: "Network Security Essentials", William Stallings"
- In reply to: Rob Slade, doting grandpa of Ryan and Trevor: "REVIEW: "Network Security Essentials", William Stallings"
- Next in thread: johns: "Re: REVIEW: "Network Security Essentials", William Stallings"
- Reply: johns: "Re: REVIEW: "Network Security Essentials", William Stallings"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
