How would you answer this?

Unanswered Question
Jun 7th, 2007
User Badges:

Ok, I would guess this is an obvious question but I have been googling and cant find it. I am asking anyone to answer this question.

"List the primary threats to network security."


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
scottmac Thu, 06/07/2007 - 16:17
User Badges:
  • Green, 3000 points or more

Easy one!

#1.) Users (people on the inside system)

Smart ones are always trying to get around secutiry (to surf the sites they wanna surf, to steal music while on a big pipe, etc)

Dumb ones do things that no developer or admin could ever think to do and they break stuff in ways that Ripley's could write about.

#2.) Weak management (people, the "bosses") for not creating a good security policy, or, if they have one, not enforcing it.

Every aspect of security goes right out the window unless a good policy is in place and enforced.

You can have the best, most up-to-date, expensive, fully-patched perfect security hardware and software in the world protecting your network ... all it takes is one user going to the wrong site and you now have an infected node (same goes for USB memory fobs, floppy disks, CDs with pirated software, trojanware, etc).

MOtivated ones will bring in SOHO APs (wide open) so they can use their wireless PDAs, or toss a SOHO router (for more switch ports) and leave DHCP enabled so users strt getting the wrong addresses and gateways (and triggering the network monitoring / IDS that there's an intruder) ... the list is nearly endless ...

All other security risks are trivial in magnatude to either / both of the above.

There is a "too far int eh opposite diretion" too ... if the policy is too strict, or the passwords are too long or complicated, then the users start writing their passwords on sticky notes under their keyboard ... easy targets.

There is a delicate balance between too much and too little, that's where security experts make their money ... finding the perfect place to put the line.

"Trust me" ;-}



This Discussion