Security Basics mailing list archives
re: "It's ok we're behind a firewall"
From: H C <keydet89 () yahoo com>
Date: Thu, 20 Feb 2003 13:42:41 -0800 (PST)
"It's ok we're behind a firewall"
Well, depending on the issue, that may be a valid answer, particularly when qualified w/ other security mechanisms.
1. Still a large majority of computer crime (data
theft
damage etc) is caused by people who have access to internal systems ... is there anywhere that I can
get
facts and figures to support this?
The CSI/FBI survey usually says this...but I'm not really convinced. Take into account the method of information gathering...it's a survey, rather than data collected from actual cases. Looking at the spate of worms that have far-reaching success (CR, Nimda, Slammer) one has to really look hard at the respondant's capability to accurately detect and then resolve security incidents. However, the numbers are there, if you need them.
3. Firewalls can be breached or misconfigured ...
Most folks in the security arena understand this. And, of course, it's proven time and again.
4. Firewalls can be bypassed -
You're correct. That's why there needs to be a layered approach to security. I work for a small company, and we have A/V on the email server, as well as the desktops.
Are there any sites out there with the facts and figures about internal exploits and cautionary tales about disgruntled employees or IT savvy nighttime cleaners?
If you're able to find anything, please post it in the lists. Most of what I've seen so far has been anecdotal at best. Unfortunately those kinds of specifics just don't seem to be made public...for more reasons than I'd like to go into. __________________________________________________ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/
Current thread:
- "It's ok we're behind a firewall" John Brightwell (Feb 20)
- RE: "It's ok we're behind a firewall" Duane H. Hesser (Feb 22)
- Re: "It's ok we're behind a firewall" Gene Yoo (Feb 24)
- Re: "It's ok we're behind a firewall" Alessandro Bottonelli (Feb 22)
- Re: "It's ok we're behind a firewall" Chris Travers (Feb 24)
- <Possible follow-ups>
- re: "It's ok we're behind a firewall" H C (Feb 20)
- RE: "It's ok we're behind a firewall" Ben Schorr (Feb 22)
- Re: "It's ok we're behind a firewall" David Vertie (Feb 24)
- RE: "It's ok we're behind a firewall" James Liddil (Feb 24)
- RE: "It's ok we're behind a firewall" Chris Santerre (Feb 24)
- RE: "It's ok we're behind a firewall" Duane H. Hesser (Feb 22)