Summary


In this chapter, we analyzed the effectiveness of two good security designs. Each provided multiple layers of defense using different security techniques to provide defense in depth, and each would prove difficult for a real-world attacker to break into. However, as good as they were, we were able to identify areas in each that could be improved.

The process we used to accomplish this was adversarial review. Instead of concentrating on what the security architecture prevented, we concentrated on what it might allow. As is often the case, a design might allow far more than you expect. When performing your own adversarial review, keep a few things in mind:

  • It is not important what a device is supposed to do. Think about what it could do.

  • Pay special attention to the services accessible to the attacker. These are where the attack must start.

  • Do not assume that the attacker will always be external. It is a useful exercise to look at each of your network segments to see what an attacker could accomplish if he started his attack from there.

  • Pay attention to the ways your design can reduce an attacker's ability to discover your network, but conduct your own review as if the attacker has full knowledge of your design. This might seem unfair, but it is much better to weed out all vulnerabilities, not just the vulnerabilities you think will be easy for an attacker to discover.
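The adversarial-review questions above (what is accessible from outside, what each internal segment could reach, and what the design might allow rather than what it was meant to permit) can be asked of a model of the design before the design is built. The following is an added example, not code from the book: a constructed four-segment design with ordered firewall rules, and two functions that report the services exposed to a starting segment, first in one hop and then assuming each reached segment is in turn used as the next starting point.

```python
from collections import defaultdict

# Constructed sample design: services listening in each segment (name/port).
SERVICES = {
    "internet": set(),
    "dmz": {"http/80", "smtp/25"},
    "internal": {"smb/445", "ldap/389"},
    "mgmt": {"ssh/22"},
}

# Ordered policy (src, dst, port, action); "*" matches anything; first match wins.
RULES = [
    ("internet", "dmz", 80, "allow"),
    ("internet", "dmz", 25, "allow"),
    ("dmz", "internal", 389, "allow"),  # DMZ hosts authenticate against LDAP
    ("internal", "dmz", "*", "allow"),
    ("internal", "mgmt", 22, "allow"),
    ("mgmt", "*", "*", "allow"),
    ("*", "*", "*", "deny"),
]

def permitted(src, dst, port):
    """Evaluate the ordered rule list for one flow; deny if nothing matches."""
    for rsrc, rdst, rport, action in RULES:
        if rsrc in (src, "*") and rdst in (dst, "*") and rport in (port, "*"):
            return action == "allow"
    return False

def direct_exposure(src):
    """Services reachable in one hop from a starting segment: the set the
    review must treat as the attacker's entry points."""
    reach = {}
    for dst, svcs in SERVICES.items():
        hit = {s for s in svcs if dst != src and permitted(src, dst, int(s.split("/")[1]))}
        if hit:
            reach[dst] = hit
    return reach

def exposure_from(start):
    """Worst-case view for the review: every segment whose service was
    reachable is assumed compromised and becomes the next starting point."""
    exposed, seen, frontier = defaultdict(set), {start}, [start]
    while frontier:
        src = frontier.pop()
        for dst, svcs in direct_exposure(src).items():
            exposed[dst] |= svcs
            if dst not in seen:
                seen.add(dst)
                frontier.append(dst)
    return dict(exposed)
```

Run `exposure_from` for every segment name, including the internal ones, to get the per-segment view the third bullet asks for; in this sample the single DMZ-to-LDAP rule is what turns two public services into a path to the management segment.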

It is much better for you to conduct this review than to allow the vast collection of Internet attackers to perform it for you. We hope this chapter has provided you with the incentive to look at your designs in a new light.



    Inside Network Perimeter Security
    ISBN: 0672327376
    Year: 2005
    Pages: 230
