RE: Intrusions

J.R.Valverde (JRVALVERDE@Samba.cnb.uam.es)
Tue, 30 Jan 1996 11:03:41 +0100 (WET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Philippe Langlois: "Re: Intro; Question"
Previous message: Paul G. Seldes: "Intrusions"

>If you break into a safe, and there is nothing there....you leave.
>This angle works for many businesses and users.
>
	Wrongly, IMHO. There is a second side to it that the analogy
fails to consider.

	If you open a safe you inmediately see what's in there. Any
unusual thing is easy to spot. And you can only use a safe to store
things. You don't use it to remotely break into another safe or to do
illegal business with it (the safe won't go out to sell drugs or
distribute pornography, it won't hide a hord of spies or fire a dynamite
bomb to a bank's safe).

	But your computer may -once broken into- be used to send
illegal data, sell illegal items, break another computer's defense
lines, etc...

	I remember one case in which the secret services of a country
contacted one University complaining of somebody breaking in their
systems from there. When followed, the chain pointed to some other
countries' secret services and an embarrassing situation for the
University.

	Now think how would your small business feel if, say the DFA
said that some colombian cartel was using your business to
clear their laundry or sell their stock. And how would you explain
that you have nothing to do with that, and that you don't care if
they use your computers for that since you don't store your sensitive
data in that safe.

	For an anlogy, say you leave the doors to your company quarters
open by night and that you never worry to look into the basement where
a satanic ring cannibalizes evary day a victim or two... The point is
that everybody closes doors when they leave work. And while they are
there they keep an eye on everything. And that's more valid the smaller
the business is.

	Hell, even the hot-dog seller locks his little carriage when 
he goes to sleep.

	Being too simplistic when estimating costs of break-in in the
modern age of IT can cost you more than you expect. Including a nice
touristical trip to the finest prisons of Taiwan -if you're lucky.

	That's where affordable and easy to use IDS systems should come in.

				jr

Next message: Philippe Langlois: "Re: Intro; Question"
Previous message: Paul G. Seldes: "Intrusions"