Auerbach Publications © 2001 CRC Press LLC 08/01

implementing an alternative route for attackers, leading them away from the traps and triggers and pointing them to our weakest points. The concept of alternative forms and directions of attack when faced with considerable fortifications can be likened to medieval warfare. Castles were constructed with enormous walls to thwart intruders. Moats were filled, traps were laid, and deadly focal points were engineered to halt an attack. In some of these walls, typically under the surface of the moat, a secret gateway was placed that allowed scouts and spies out of the castle to collect information or even supplies to survive the siege. It is this reality that has repeated itself — a gateway placed facing the world to allow allies access into the stronghold.

The differentiating factor between what is being seen now and ancient warfare is that long ago the kingdom would not permit a general, advisor, or any other person who could have information valuable to the enemy outside the walls. In stark contrast, today people from every level in the corporate chain access information outside of protected space. This is equivalent to sending a general with attack plans through the gateway, out of the castle, so he can work on the plan in his tent — presumably unprotected. It does not take much effort for an attacker to pounce on the general and collect the information that would normally require accessing the castle directly. In reality, a modern-day attacker would have so much control over the victim that data could be easily modified or collected in a manner that would render the owners oblivious to the attacker's activities. Exhibit 8 clearly depicts the evolution of the path of least resistance. Disappointingly, the complicated labyrinthine safeguards we have constructed are squarely pointed at the enemy; meanwhile we are allowing the information out into the wild.

The result is that the finely honed and tuned wall of protection is reduced to almost nothing. Where a small set of firewalls protected information on internal networks at a single entry point, there now exist thousands of access points with no firewalls. Not only have we taken a step back, but the problem reduced by firewalls has also increased in scale. Early in Internet adoption a single Internet connection with a firewall would suffice. Today, organizations have several Internet connections with complicated protection measures. With the addition of VPNs for remote systems and small home offices, organizations have thousands of Internet connections beyond reasonable control.

CASE IN POINT

Late one Friday, I received a phone call from a friend who worked for a large national construction company as a chief engineer. Calls from him were typical when his computer was acting up or a fishing trip was being planned for the weekend. However, this call started very unusually. He stated that he thought he had been hacked — his hard drive runs late into the night and the recently loaded BlackIce was logging a great deal