Re: Thinking about Security rules...

From: f.harster (f.harster@evc.net)
Date: Fri May 10 2002 - 04:46:45 EDT


Interesting point.
What would be your suggestion(s) to strengthen security in a production
environment according to your experience?
At the moment I mostly rely on redundant single defenses to slow down
potential intrusion so that it gives me some precious extra time to
react and isolate the LAN. However I can feel how weak and unsatisfying
such a system is when uptime matters, since this "strategy" implies a
rather long recovery time...

cheers
Fred

Ray Parks wrote:

> Just remember this aphorism - Depth without Breadth is useless.
> We engaged in a series of experiments within the DARPA IA program in
> which we proved that Defense in Depth is an over-rated concept. Layered
> defenses can actually be weaker than single defenses because
> administrators/developers think that another layer is providing the defense
> they are ignoring. The results of these experiments were recorded in a
> paper; unfortunately I don't have a cite at this time.
> Bottom line - we were able to get through layers of defense in depth
> because we could attack each layer in a different way. This allowed
> attacks to woogle through to the goal despite multiple layers of defense.
>
>



This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:28:08 EDT