You say your network is secure? DigiNotar probably thought the same!

Hello,

Provocative headline, right? I just recently read that that's the way to catch readers *blunt*

I'm not going to discredit your network's security in this (short) post, but I just want to make a point I'm making over and over again to everyone who is talking about network security:

I don't think there are secure networks anymore today!

The Web 3.0 (or 2.8 as Microsoft might version it) is just too complex and even the layers and layers of security gateways you can shove into your network to protect it can cause security risks themselves. Examples:

I think with the right kind of backing (money and influence mostly) everyone can hack everything. Whole stretches of countries like Russia and China live on cyber criminality nowadays and skilled hackers come cheaper by the day.

A good example of this is the DigiNotar hack, ancient in IT terms, which was properly disclosed by the security company that researched it. A quite extensive report can be downloaded here:

http://www.rijksoverheid.nl/bestanden/documenten-en-publicaties/rapporten/2012/08/13/black-tulip-update/black-tulip-update.pdf

I recommend this as a good read for every network security administrator and anyone who is interested in secure network/DMZ design and how it can be circumvented in the end.

Most companies would rather die, or get hacked again and let it leak ;), than disclose such detailed reports on how their network security failed! So this report is a real jewel in my opinion!

But as the CCC stated, the SSL system is broken anyhow:

http://www.heise.de/newsticker/meldung/29C3-Das-SSL-System-ist-grundlegend-defekt-und-jemand-muss-es-reparieren-1774989.html (in German only)

But don’t get me wrong: I still think all those layers of network security are important (to save my job and) to keep all those script kiddies and lesser skilled hackers and competitors at bay!

Feel free to leave a comment about how you feel regarding Network Security as a whole.

Regards
Sebastian
