You say your network is secure? DigiNotar probably thought the same!


provocative headline right? I just recently read that thats the way to catch readers *blunt*

Im not going to discredit your networks security in this (short) post but just want to make a point I’m making over and over again to everyone who is talking about network security:

I dont think there are secure networks anymore today!

The Web 3.0 (or 2.8 as Microsoft might version it) is just too complex and even the layers and layers of security gateways you can shove into your network to protect it can cause security risks themselves. Examples:

I think with the right kind of backing (money and influence mostly) everyone can hack everything. Whole stretches of countries like Russia and China live on cyber criminality nowadays and skilled hackers come cheaper by the day.

A good example for this is the, in terms of IT calculation of times, ancient DigiNotar hack which was properly disclosed by the security company that researched it. A quite extensive report can be downloaded here:

Click to access black-tulip-update.pdf

I recommend this as a good read for every Network Security administrator and anyone who is interested in secure network/dmz design and how it can be circumvented in the end.

Most companies would rather die, or get hacked again and let it leak ;), than disclose such detailed reports on how their network security failed! So this report is a real jewl in my opinion!

But as the CCC stated the SSL-System is broken anyhow: (in german language only)

But don’t get me wrong: I still think all those layers of network security are important (to save my job and) to keep all those script kiddies and lesser skilled hackers and competitors at bay!

Feel free to leave a comment about how you feel regarding Network Security as a whole.


About SebastianB

read it in my blog
This entry was posted in SecurityNews and tagged , , . Bookmark the permalink.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.