Security Basics: RE: About War Driving ..

["David Gillett" <gillettdavid () fhda edu>]

  Eric didn't say *layered defence* was painting the door blue and
moving it around the side.  He said that Ansgar's view of the
measures which FatalSaint offered -- and which FatalSaint *called*
"layered defence" (calling it doesn't necessarily make it so!) --
were like painting and moving the door.

  Layered defence is an important and valuable concept.  But to be
useful, the individual layers need to actually constitute defences,
and Ansgar and Eric are saying that FatalSaint's suggestions don't
really measure up to that requirement. 

  If FatalSaint had suggested measures analogous to a guard and bars
and a dog, I don't think anyone would have argued.  The question then
is:  What measures are available to the admin of a wireless network
that are more analogous to these sorts of physical measures than the
suggestions that were offered?  (All of my authorized wireless points
are behind firewalls that filter traffic and log activity, and the
new one can triangulate client location as well.  But that's probably
out of the original poster's budget range.)

David Gillett


> -----Original Message-----
> From: listbounce () securityfocus com 
> [mailto:listbounce () securityfocus com] On Behalf Of Francois Yang
> Sent: Tuesday, December 12, 2006 9:36 AM
> To: Eric Furman
> Cc: security-basics () securityfocus com
> Subject: Re: About War Driving ..
>
> I actually disagree with this analogy.
> layered defense in this scenario would be; add a security 
> guard to the front door, add bars to the windows and add a 
> watch dog inside the house.
> So the entry points are the same they didn't move, you just 
> added some extra security to these entry points. So now if 
> someone wanted to get in the house, they would have to get 
> past the security guard before reaching the door, or get past 
> the bars on the windows before getting to the windows, and 
> once they get past those, hopefully the guard dog would catch him/her.
>
>
> On 12/9/06, Eric Furman <ericfurman () fastmail net> wrote:
> > On 8 Dec 2006 14:28:21 -0000, krymson () gmail com said:
> > > Ansgar -59cobalt- Wiechers and
> > > FatalSaint:
> > >
> > > Just want to say I'd watched this thread and I wanted to quickly 
> > > point out something I felt was kind of a poignant thing 
> in our field.
> > > You both have good points and, in my mind, you both have rather 
> > > correct approaches. One of you believes that a layered 
> defense with 
> > > multiple hurdles will slow down attackers and stop a lot of 
> > > non-savvy attackers, and the other prefers to shoot for the 
> > > highly-skilled attacker and focus his efforts.
> > >
> > > I believe both approaches are just fine, and just depends on the 
> > > people, business/network, and needs.
> > I disagree. ;-) I do agree with layered defenses, if they're real.
> > Ansgar -59cobalt- Wiechers objects to FatalSaint's security 
> measures 
> > because they amount to the following analogy; I want to 
> keep burglars 
> > out of my house. Everyone knows that the entrance to houses 
> is in the 
> > front and all doors are painted red.
> > To increase my security I am going to move the entrance to the side 
> > and I am going to paint my door blue. Yes, to the casual person, 
> > walking by, this will work, but not to any determined 
> attacker. All I 
> > have really done is make thing more inconvenient for me, 
> the resident.
> > Do not push this analogy to far, but it is essentially 
> correct. IMHO.
> >
> ----------------------------------------------------------------------
> > ----- This list is sponsored by: ByteCrusher
> >
> > Detect Malicious Web Content and Exploits in Real-Time.
> > Anti-Virus engines can't detect unknown or new threats.
> > LinkScanner can. Web surfing just became a whole lot safer.
> http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildet
> > ect
> ----------------------------------------------------------------------
> > -----
> --------------------------------------------------------------
> -------------
> This list is sponsored by: ByteCrusher
>
> Detect Malicious Web Content and Exploits in Real-Time.
> Anti-Virus engines can't detect unknown or new threats.
> LinkScanner can. Web surfing just became a whole lot safer.
>
> http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=s
> fmaildetect
> --------------------------------------------------------------
> -------------

---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------