As with every other endeavor in life, there is an easy way to run a network, and then there is the proper way to run a network. The two do not necessarily happen together. Recall the fundamental tradeoff between secure, usable, and cheap in Chapter 1, "Introduction to Network Protection." The vast majority of networks are built to be usable and cheap, where cheap means "simple to deploy." The problem is that the easy way is not always the secure way. In many cases, operational practices that are simple also simplify an attack. In other cases, those practices outright enable attacks. Most networks today are built on what we call the "eggshell principle."
This principle is critically important to understand. The fact is that if an attacker can gain a foothold onto the network, the rest of the network will usually fall like dominoes. Once inside, the most difficult part is often to figure out what to attack next and where to go for the really juicy bits of information. However, it does not have to be this way. With the proper techniques, we can achieve two crucial objectives:
The principle behind the first objective is that it is preferable to keep the attacker totally out of your network. This is where patching, perimeter protection, and exposed application security come in. In this chapter, we cover only how these protection measures break down. In the rest of the book, we cover how to implement them.
The second objective states that should the first objective fail, and an attacker gains a foothold on your network, it is, generally speaking, preferable to keep the compromise to a minimum. Rebuilding an entire network is typically much less fun than rebuilding a single host. For more information on how to get the attacker out of your network, see the section "How to Get an Attacker Out of Your Network" later in this chapter. Before we get to that, however, let's see how an attacker can compromise a network.