RSS |
 |
| C O L U M N S | |
| |
Knowledge Is Power July 24, 2000 By Mike Fratto What do you think of when you hear the words, "We've been hacked"? Images come to mind of pasty-faced young men or boys cranked-up on Mountain Dew and pizza weaving secret incantations that us mere mortals can only dream of knowing. Powerless, we stand before these techno-wizards, these necromancers, as they burrow deep into our networks. Back to reality. Sure, there are some very skilled crackers out there who can get into your network without your knowledge. It doesn't matter if yours is an ISP, Fortune 1000, or dot.com start-up. It doesn't matter how much hardware and software you invest in for your network's security. If you're your network is of interest to someone, a determined attacker will get in. There are just too many avenues for entry--over the network, through the front door, over a phone line, in the dipsy dumpster. Just swallow that pill.
No one can guarantee network security. Anyone who claims that they can completely protect you from an attack is simply irresponsible. Truthfully, you'd be hard-pressed to find an organization making that claim today. But recently I was speaking with some network administrators whose company was concerned about network security. So the company did what seems to be a reasonable thing and hired the "eighth most skilled hacker" in the world to perform a network audit. (Now I don't claim to be in the underground scene, but if anyone knows of a 31337 (elite) cracker "Olympics style" contest that makes a ranking, well I'm just dying to know.). And these administrators were concerned about what these d00dz might find.
But these administrators were already on the ball and just didn't realize it. In less than five minutes of conversation, I knew they had their network down cold--they knew it inside and out. They could name the services they were running and on what type of machines. They had the topology laid out, and they had a list of the current patches installed as well as a timeline for new, future patches. They also could name a number of weaknesses they had to live with for procedural and/or political reasons. These guys were smart.
They knew that given enough time and determination, an attacker was going to get in. They had no illusions of being "hacker-proof" and they didn't have the time to even make that lofty attempt. They had a network to run, users to appease. You know the drill.
What they wanted was so seemingly simple: to know how to detect an attack. They had done everything they knew to secure their network. They took all the right steps. They put up a firewall, limited access to key services and networks, filtered and scanned all content passing to and from external networks, put semipublic servers in the DMZ and looked after physical security and personnel management. But when push comes to shove, what matters is knowing. The outcome of a network audit may be valuable, but on an on-going basis, knowing when an attack is under way, being able to track the attack from start to finish (or as far down that path as you can go), is far more valuable. Because only when you know you have been attacked can you take corrective action. Send your comments on this column to Mike Fratto at mfratto@nwc.com.
| |
Best of the Web
Data deduplication: Declawing the clones
Data deduplication is emerging as a critically important new arrow in the storage administrator's quiver to answer hard questions about the increasing problem in storage growth costs.
Compression, Encryption, Deduplication, and Replication: Strange Bedfellows
One of the great ironies of storage technology is the inverse relationship between efficiency and security: Adding performance or reducing storage requirements almost always results in reducing the confidentiality, integrity, or availability of a system.
WAN Optimization Whitelists and Blacklists
Optimization is a fantastic way of saving money and creating really happy customers at the same time, but it doesn't work flawlessly for all applications.
WAN Optimization as a Managed Service: It's Not About the Cost
This insight examines how organizations outsourcing their WAN optimization initiatives to a third-party go about achieving their goals for application performance, reducing operational costs, and streamlining enterprise infrastructure.
