Tuesday, 19 July 2011

Listed below are links to weblogs that reference A Frank Conversation About Known and Zero-day Vulnerabilities:

Comments

Hi Bill,

Thanks for the post. Yes, if you map the window/door analog onto home or SMB networks, the initial intrusion does indeed breach the firewall. In the article, we talk about containment. The interior doors of a home are poor analogs for layered security. You correctly point out that additional security measures are needed to contain the intruder to the room he's breached. (We might also have talked about preventing the theft of items in the breached room - "exfiltration" of data from SMB networks - but I'll save this for another article.)

This issue of zero-day vulnerabilities certainly accentuates the need for multiple layers of protection. The average home PC or small business user who believes they are trying to safeguard themselves is increasingly vulnerable to these types of attack because they tend to rely so heavily on one 'gold-plated', super-duper internet security package rather than taking a layered approach. Your analogy of the open window and preventing access to the rest of the house is a succinct one, but the firewall is essentially breached. If the intruder then has to break through a series of fire doors, you at least have a chance to contain the bugger!
