From: Don Parker (dparker@rigelksecurity.com)
Date: Tue Jan 20 2004 - 18:26:30 EST
That is very much flawed reasoning Rob. It is fine to understand things at a theoritical
level. You do however also need to be able to implement things at a technical level as
well. Take for example using an application layer f/w to help prevent the normal rash of
exploit code sent against applications. Some will still get through depending on the
programmers skill level. You will still need to recognize an egg when you see it on the
wire though. This is what I mean by understanding not only the theoritical if you like,
but also more importantly the technical as well.
Not to open up another huge can of worms here but I liken your argument to "a CISSP will
be able to do a fine job as a security officer". I would obviously disagree. You want
someone with technical skills, and not the management type mindset and skill level. Each
has their value. What is needed is though is a blend of both.
Cheers
-------------------------------------------
Don Parker, GCIA
Intrusion Detection Specialist
Rigel Kent Security & Advisory Services Inc
www.rigelksecurity.com
ph :613.249.8340
fax:613.249.8319
--------------------------------------------
On Jan 20, "Rob Shein" <shoten@starpower.net> wrote:
As much as I think that it's valuable for security personnel to know how
their attackers think and operate, I think this particular analogy is
flawed. Hacking is not part of the job, necessarily, any more than flying
is part of the programmers job in this example. I have known many excellent
security officers who couldn't run an exploit (and never had), but who
really knew their stuff and put it to use in real-world environments. It is
possible to know how to defend a network without knowing the details of how
to break into it; you're defending against concepts, not keystrokes.
<snip for b/w>
---------------------------------------------------------------------------
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:46 EDT