> focus on physical security. If I ever told someone that we "didn't need"
> motion detectors or roving guard checks because our access control was
> THAT good, I don't think I would have lasted too long. Yes, in an ideal

A lot of us learned that way; however, the point you're missing is that
you're putting IR sensors tuned out to 300m to guard a bunch of bills
secured in a cardboard box in the middle of Times Square on New Year's Eve.

> world no "bad" traffic can get through a properly configured proxy
> firewall, BUT the bad guys have imaginations, too! Often better and more
> evil imaginations than the guys who wrote the protocols and maybe even
> better than the guy who wrote the proxy (sorry, MJR, but it is
> possible).

That doesn't change the fact that if you're not doing the basics right
then bells and whistles don't improve your overall security posture as
much as getting the basics right will.

Look at Avishai's study, then tell me that more IDS is the first thing we
need, and do it with a straight face. Passive IR is a cool technology,
but it sure as heck shouldn't be your first or only line of defense.

