PerlMonks
Be Very Wary ALWAYS
by Clownburner (Monk) on Apr 28, 2001 at 22:36 UTC ([id://76401]=note)
Ok, this is the sort of thing that really bugs me.

<RANT ON>

I do a fair bit of security consulting for our customers - mostly at the network infrastructure level. I used to be constantly amazed by the volume and severity of security problems being exploited on the net, but now, like most people in the security business who've been doing this for more than a few weeks, I've begun to grow jaded and cynical about the whole thing.

See, news stories like this provoke people into doing what they should have been doing all along; the danger from a few Chinese crackers is probably minimal compared to the danger posed by the legions of script kiddies out there, every day, performing "blind penetration testing" on every node that will respond to a ping or TCP port.

The excuses that these customers offer are laughable, considering that they are responsible for several hundred to several thousand nodes and multi-million dollar businesses. They range from "Oh, well, we moved Telnet to port 1234, where no one will find it" to "We're just not important enough to be a target."

The sad reality is that EVERYONE is a target - random scanning tools have seen to that - and that EACH AND EVERY time a system is compromised, it weakens the security posture of the rest of the Internet. Those excuses and that attitude are what make massive Distributed Denial-of-Service attacks possible - and very difficult to defend against.

I realize most of the readers here are more clueful than most, and that largely, I'm preaching to the choir here.

Having said all that, here's my public service announcement for the week:
Things should be as simple as possible, but not simpler. - Einstein