Firewall Wizards mailing list archives
RE: Transitive Trust: 40 million credit cards hack'd
From: "Paul Melson" <pmelson () gmail com>
Date: Tue, 21 Jun 2005 10:16:22 -0400
It's a failed analogy all around, though. In the case of bear vs. runner, one bear can only maul one runner at one time. I've got screens and screens worth of alert data that show that a single e-bear can chase and maul thousands of runners at the same time. I agree that doing something is better than doing nothing. I also agree that 2-factor AAA is viable and definitely worth the effort and expense for some organizations (including mine). But if your goal for securing your organization is to be better than you think your "neighbors" (whether they're in physical, logical, or market proximity) are, then all you can hope to achieve is to not suffer a compromise at the same time in the same way as your neighbors. As far as making my network a "hard target" in the military sense (Google for "hard target interdiction" or HTI), no thank you. :) PaulM -----Original Message----- Subject: RE: [fw-wiz] Transitive Trust: 40 million credit cards hack'd And you (and others) assume there's only two runners. I still think I'll make an attempt to out run the bear and be as tough a target as I can afford, and hope the bear is smart enough to pursue the easy targets. The point is, don't make yourself the _easy_ target, when there are things you can do that the other (easier targets) aren't doing. When there are enough bears and few targets, everyone will get attacked, but don't lightly toss aside the benefit of making yourself as hard a target as you can afford. Right now, there are still plenty of honey-soaked targets for the bears to enjoy. I'm not necessarily saying this is a completely fail-safe way to secure your environment, but from what I have seen of other environments, at least the honey isn't dripping off you and leaving a trail for the bear to easily follow. Let it drip off the other guy(s). _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Transitive Trust: 40 million credit cards hack'd, (continued)
- RE: Transitive Trust: 40 million credit cards hack'd Paul D. Robertson (Jun 20)
- Re: Transitive Trust: 40 million credit cards hack'd Kevin (Jun 20)
- RE: Transitive Trust: 40 million credit cards hack'd Brian Loe (Jun 21)
- Re: Transitive Trust: 40 million credit cards hack'd Kevin (Jun 21)
- Re: Transitive Trust: 40 million credit cards hack'd Kevin (Jun 20)
- RE: Transitive Trust: 40 million credit cards hack'd Paul D. Robertson (Jun 20)
- RE: Transitive Trust: 40 million credit cards hack'd Paul Melson (Jun 21)
- RE: Transitive Trust: 40 million credit cards hack'd Richards, Jim (Jun 20)
- RE: Transitive Trust: 40 million credit cards hack'd Eugene Kuznetsov (Jun 20)
- RE: Broken Analogies (was: Transitive Trust) Ben Nagy (Jun 21)
- RE: Broken Analogies (was: Transitive Trust) Brian Loe (Jun 21)
- RE: Transitive Trust: 40 million credit cards hack'd Eugene Kuznetsov (Jun 20)
- RE: Transitive Trust: 40 million credit cards hack'd Paul Melson (Jun 21)
- Re: Transitive Trust: 40 million credit cards hack'd Kevin Sheldrake (Jun 30)