Security for a day

Building security for the edge was, in the good old days, simple. You wack in a firewall, block everything and then pretend to look at the logs. Job done, time to play Doom.

Now, there the edge is pretty much every machine and almost every device. Wireless devices (801.11, Bluetooth, IR and now usb/pci Net access cards) mobile devices (laptops to iPhones) and every day loonies then loop the network to faxes and other random networks are just some of the “new” edges to be defended again.

Policies should help control these, but the human factor generally honest mistakes, misunderstandings and impatience tend to create problems. So, you start spending time, energy and money on monitoring and managing these holes.

Anyway, SANS has had a course I’ve always been interested in called Perimeter Protection In-Depth. It used to be called the Firewall track, but had a facelift, as it covers a huge amount of other related topics and calling it just firewalls was not really fair.

Due to the foresight, wisdom, benevolence and the fact they get rid of me for a week, my management kindly allowed me to sign up for the course in Sydney.

Woohoo!

“Hold on!” I heard the voices in side my head cry, “Shouldn’t you know all this stuff anyway, you’re supposed to a security geek, isn’t this stuff a bit basic? Can’t we just take the money and hit the casino instead?” One of the many voices in my head has a bit of a gambling issue, I suspect. “Should you be doing one of the sexier hacking courses?” Another one of the voices doesn’t get out much either.

First off, the course author, Chris Brenton, is actually taking the class. Having the man responsible for writing, building and updating the material your learning sitting at the front of the room and answering my questions is neat. Second, complacency is one of the biggest mistakes in security. Challenging and debating your own ideas, concepts and knowledge with other skilled professionals is never a waste of time.

Third, if I can get the basics right, then I should be in a stronger position than many other systems out there. Let’s face it, in the SANS conference there’s going to be three other classes of people learning how to exploit networks, systems and applications. That’s roughly four of them again every one of me. Attacking is always easier in the cyberworld, they have to find only one weakness, where the defender has to find and fix them all. That includes the weaknesses that the manufacturer doesn’t even know about.

All in all, I’m look forward to six days of re-learning and re-assessing defence with Mr Brenton.

Yes, I’d love to take the 560 and 542 tracks, but I’ll save that for another day – hopefully!

See you at Cliffton’s on the Monday the 27th of October if you are attending!