On 3/28/2013 2:21 PM, Derek Martin wrote:
> This is nonsense. A script kiddie will go away after at most a
> handful of meager attempts. A well-informed, extremely determined

Wow. You utterly missed the point. When I say "assume an attacker will get in" it's not a statement of fact. It's a statement of philosophy. It's an assumption. I *HOPE* it's wrong. I *HOPE* that my perimeter security is good enough to deter both the script kiddie and the pro. But I still assume that it isn't because I know that I can't defend against every conceivable attack and exploit.

I believe it was you who mentioned bank vaults. A public-facing server isn't the vault. It isn't the contents of the vault. It's the door to the bank lobby. I can't secure the front door anywhere near as well as I can secure the vault. What I can do is rigorously control access between the door and the vault. This is detection and containment. This is where I detect the intruder, analyze the attack, and shut it down permanently.

If you think that hanging a curtain over the front door when the bank is closed is any security at all then by all means do whatever makes you feel better.

--
Rich P.