Home page logo
/

basics logo Security Basics mailing list archives

Re: "It's ok we're behind a firewall"
From: Gene Yoo <gyoo () attbi com>
Date: Mon, 24 Feb 2003 09:01:10 -0800

Duane H. Hesser wrote:
On 19-Feb-2003 John Brightwell wrote:

Are there any sites out there with the facts and
figures about internal exploits and cautionary tales
about disgruntled employees or IT savvy nighttime cleaners?



It's hard to find such information, since companies are reluctant
to make it public.  Here are a couple of links which might be
useful:

http://www.gocsi.com/press/20020407.html

This is a press release by the "Computer Security Institute"
which contains a few interesting statistics, and from the page
you can request a free copy of their "2002 Computer Crime and
Security Survey", which includes some information about percent
of surveyed attacks from "inside".

You might also check out the HoneyPot Project, at

http://project.honeynet.org/

They provide a number of "Know Your Enemy..." papers, including
"Know Your Enemy: Statistics"

http://project.honeynet.org/papers/stats/

which may offer some insight into the problems a firewall might
have to face, in terms of what the "blackhat" community may
throw at it.

My view: firewalls are necessary but not sufficient (unless you
really *enjoy* forensic analysis).


i'm not sure about internal exploits, but these sites are a good place to start:

dshield.org
incidents.org
cert.org
sans.org

--
<<gyoo [at] attbi [dot] com>>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)

iQCUAwUBPhxERRxoVYCzmrKXAQJK5gP3Y7CTsFyKpEz2p5W4GWI9+qSm+kWfdJ0R
xNlma0Ma9rAL/OBJcZMo5IXyXas+3Edogbv4Al6dIf8lot1WS0Iaxxl/cg2f7gf+
otf7LfNpZDE/6OzR7A1qN6baPMLSjGzywwQWMfSVuWWb6kGQxMsA13Kn68G7Ozxs
5CODZqUPyg==
=AolA
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]