|
search / subscribe / upload / contact |
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
| RSS-Feed Depeschen |  |
|
|
||
|
||
Date: 2001-04-16
Krypto, Krieg & Clausewitz-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- letzlich etwas umgetan. Seine Argumentation legt nahe, daß er der Lektüre Clausewitzens bedürftig wäre, aber nicht weiß, dass "Vom Kriege" genau das erklärt, wohin sie zielt. -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- Natural Advantages of Defense: What Military History Can Teach Network Security, Part 1 Military strategists call it "the position of the interior." The defender has to defend against every possible attack. The attacker, on the other hand, only has to choose one attack, and he can concentrate his forces on that one attack. This puts the attacker at a natural advantage. Despite this, in almost every sort of warfare the attacker is at a disadvantage. More people are required to attack a city (or castle, or house, or foxhole) than are required to defend it. The ratios change over history -- the defense's enormous advantage in WW I trench warfare lessened with the advent of the WW II blitzkrieg, for example -- but the basic truth remains: all other things being equal, the military defender has a considerable advantage over the attacker. This has never been true on the Internet. There, the attacker has an advantage. He can choose when and how to attack. He knows what particular products the defender is using (or even if he doesn't, it usually is one of a small handful of possibilities). The defender is forced to constantly upgrade his system to eliminate new vulnerabilities and watch every possible attack, and he can still get whacked when an attacker tries something new...or exploits a new weakness that can't easily be patched. The position of the interior is a difficult position indeed. A student of military history might be tempted to look at the Internet and wonder: "What is it about warfare in the real world that aids the defender, and can it apply to network security?" Good question. The defender's military advantage comes from two broad strengths: the ability to quickly react to an attack, and the ability to control the terrain. The first strength is probably the most important; a defender can more quickly shift forces to resupply existing forces, shore up defense where it is needed, and counterattack. I've written extensively about how this applies to computer security: how detection and response are critical, the need for trained experts to quickly analyze and react to attacks, and the importance of vigilance. I've built Counterpane Internet Security's Managed Security Monitoring service around these very principles, precisely because it can dramatically shift the balance from attacker to defender. The defender's second strength also gives him a strong advantage. He has better knowledge of the terrain: where the good hiding places are, where the mountain passes are, how to sneak through the caves. This provides the defender with an enormous advantage. He can modify the terrain: building castles or surface-to-air missile batteries, digging trenches or tunnels, erecting guard towers or pillboxes. And he can choose the terrain on which to stand and defend: behind the stone wall, atop the hill, on the far side of the bridge, in the dense jungle. The defender can use terrain to his maximum advantage; the attacker is stuck with whatever terrain he is forced to traverse. On the Internet, this second advantage is one that network defenders seldom take advantage of: knowledge of the network. The network administrator knows exactly how his network is built (or, at least, he should), what it is supposed to do, and how it is supposed to do it. Any attacker except a knowledgeable insider has no choice but to stumble around, trying this and that, trying to figure out what's where and who's connected to whom. And it's about time we exploited this advantage. Think about burglar alarms. The reason they work is that the attacker doesn't know they're there. He might successfully bypass a door lock, or sneak in through a second-story window, but he doesn't know that there is a pressure plate under this particular rug, or an electric eye across this particular doorway. McGyver-like antics aside, any burglar wandering through a well-alarmed building is guaranteed to trip something sooner or later. Traditional computer security has been static: install a firewall, configure a PKI, add access-control measures, and you're done. Real security is dynamic. The defense has to be continuously vigilant, always ready for the attack. The defense has to be able to detect attacks quickly, before serious damage is done. And the defense has to be able to respond to attacks effectively, repelling the attacker and restoring order. This kind of defense is possible in computer networks. It starts with effective sensors: firewalls, well-audited servers and routers, intrusion-detection products, network burglar alarms. But it also includes people: trained security experts that can quickly separate the false alarms from the real attacks, and who know how to respond. This is security through process. This is security that recognizes that human intelligence is vital for a strong defense, and that automatic software programs just don't cut it. It's a military axiom that eventually a determined attacker can defeat any static defense. In World War II, the British flew out to engage the Luftwaffe, in contrast to the French who waited to meet the Wehrmacht at the Maginot Line. The ability to react quickly to an attack, and intimate knowledge of the terrain: these are the advantages the position of the interior brings. A good general knows how to take advantage of them, and they're what we need to leverage effectively for computer security. http://www.counterpane.com/crypto-gram- 0005.html#ComputerSecurityWillWeEver Learn> The importance of detection and response in network security: <http://www.counterpane.com/crypto-gram- 0005.html#ComputerSecurityWillWeEver Learn> Marcus Ranum has written and spoken about Internet burglar alarms. <http://web.ranum.com/pubs/pdf/burglar-alarms.pdf> Natural Advantages of Defense: What Military History Can Teach Network Security, Part 1 Military strategists call it "the position of the interior." The defender has to defend against every possible attack. The attacker, on the other hand, only has to choose one attack, and he can concentrate his forces on that one attack. This puts the attacker at a natural advantage. Despite this, in almost every sort of warfare the attacker is at a disadvantage. More people are required to attack a city (or castle, or house, or foxhole) than are required to defend it. The ratios change over history -- the defense's enormous advantage in WW I trench warfare lessened with the advent of the WW II blitzkrieg, for example -- but the basic truth remains: all other things being equal, the military defender has a considerable advantage over the attacker. This has never been true on the Internet. There, the attacker has an advantage. He can choose when and how to attack. He knows what particular products the defender is using (or even if he doesn't, it usually is one of a small handful of possibilities). The defender is forced to constantly upgrade his system to eliminate new vulnerabilities and watch every possible attack, and he can still get whacked when an attacker tries something new...or exploits a new weakness that can't easily be patched. The position of the interior is a difficult position indeed. A student of military history might be tempted to look at the Internet and wonder: "What is it about warfare in the real world that aids the defender, and can it apply to network security?" Good question. The defender's military advantage comes from two broad strengths: the ability to quickly react to an attack, and the ability to control the terrain. The first strength is probably the most important; a defender can more quickly shift forces to resupply existing forces, shore up defense where it is needed, and counterattack. I've written extensively about how this applies to computer security: how detection and response are critical, the need for trained experts to quickly analyze and react to attacks, and the importance of vigilance. I've built Counterpane Internet Security's Managed Security Monitoring service around these very principles, precisely because it can dramatically shift the balance from attacker to defender. The defender's second strength also gives him a strong advantage. He has better knowledge of the terrain: where the good hiding places are, where the mountain passes are, how to sneak through the caves. This provides the defender with an enormous advantage. He can modify the terrain: building castles or surface-to-air missile batteries, digging trenches or tunnels, erecting guard towers or pillboxes. And he can choose the terrain on which to stand and defend: behind the stone wall, atop the hill, on the far side of the bridge, in the dense jungle. The defender can use terrain to his maximum advantage; the attacker is stuck with whatever terrain he is forced to traverse. On the Internet, this second advantage is one that network defenders seldom take advantage of: knowledge of the network. The network administrator knows exactly how his network is built (or, at least, he should), what it is supposed to do, and how it is supposed to do it. Any attacker except a knowledgeable insider has no choice but to stumble around, trying this and that, trying to figure out what's where and who's connected to whom. And it's about time we exploited this advantage. Think about burglar alarms. The reason they work is that the attacker doesn't know they're there. He might successfully bypass a door lock, or sneak in through a second-story window, but he doesn't know that there is a pressure plate under this particular rug, or an electric eye across this particular doorway. McGyver-like antics aside, any burglar wandering through a well-alarmed building is guaranteed to trip something sooner or later. Traditional computer security has been static: install a firewall, configure a PKI, add access-control measures, and you're done. Real security is dynamic. The defense has to be continuously vigilant, always ready for the attack. The defense has to be able to detect attacks quickly, before serious damage is done. And the defense has to be able to respond to attacks effectively, repelling the attacker and restoring order. This kind of defense is possible in computer networks. It starts with effective sensors: firewalls, well-audited servers and routers, intrusion-detection products, network burglar alarms. But it also includes people: trained security experts that can quickly separate the false alarms from the real attacks, and who know how to respond. This is security through process. This is security that recognizes that human intelligence is vital for a strong defense, and that automatic software programs just don't cut it. It's a military axiom that eventually a determined attacker can defeat any static defense. In World War II, the British flew out to engage the Luftwaffe, in contrast to the French who waited to meet the Wehrmacht at the Maginot Line. The ability to react quickly to an attack, and intimate knowledge of the terrain: these are the advantages the position of the interior brings. A good general knows how to take advantage of them, and they're what we need to leverage effectively for computer security. The importance of detection and response in network security: http://www.counterpane.com/crypto-gram-0005.html#ComputerSecurityWillWeEver Learn Marcus Ranum has written and spoken about Internet burglar alarms. http://web.ranum.com/pubs/pdf/burglar-alarms.pdf -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- - -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- edited by Harkank published on: 2001-04-16 comments to office@quintessenz.at subscribe Newsletter - -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- 
|
|
|
 |
CURRENTLY RUNNING |
q/Talk 1.Juli: The Danger of Software Users Don't Control
|
|
|
!WATCH OUT! |
bits4free 14.Juli 2011: OpenStreetMap Erfinder Steve Coast live in Wien
|
|