tag:blogger.com,1999:blog-7347279.post1492947395056526299..comments2023-08-26T05:04:33.009-04:00Comments on anti-virus rants: why X is insecure - and probably always will bekurt wismerhttp://www.blogger.com/profile/03810635947269551517noreply@blogger.comBlogger3125tag:blogger.com,1999:blog-7347279.post-13020763020931443162007-12-12T16:07:00.000-05:002007-12-12T16:07:00.000-05:00You know, that's an interesting way you put it. I ...You know, that's an interesting way you put it. I truly do put more emphasis on detection and logging and basically making sure we know as much as we can about our environments. Even weird anomalies can tip an intruder's hand.<BR/><BR/>I think you're onto something!Unknownhttps://www.blogger.com/profile/15357840241031190415noreply@blogger.comtag:blogger.com,1999:blog-7347279.post-42981010499461511952007-12-12T10:46:00.000-05:002007-12-12T10:46:00.000-05:00this is all about prevention, of course... i wonde...this is all about prevention, of course... i wonder if maybe we shouldn't pay a lot more attention to detecting preventative failures... i think we may actually have the <I>numerical advantage</I> there as (in a classic role reversal) the bad guys have to defend against all possible ways of discovering the compromise while we only have to find one successful method to detect the compromise...kurt wismerhttps://www.blogger.com/profile/03810635947269551517noreply@blogger.comtag:blogger.com,1999:blog-7347279.post-83649487414341444312007-12-12T10:19:00.000-05:002007-12-12T10:19:00.000-05:00Good post! Kinda feels like normal law enforcement...Good post! Kinda feels like normal law enforcement types of security. They're not going to stop everything (vulns) and everyone (threats) nor protect all assets (people and things in an area). It just doesn't happen and never will.<BR/><BR/>I like Richard's ideas on going after threats, and I think that is a very effective method, but suffers from the "Well, that's great if you have that power, but I don't" and "For every one there's two more..." problems.<BR/><BR/>Will we ever solve all the vulns? Nope. Will we make defense easier? I wish...at least most of us have some sort of control over this. Sadly, businesses moving foward almost always run counter. Business unit A wants this tool, Business unit B wants this tool, both widely divergent but both justified through business...accepted risks, limited budgets and trained IT staff, and so on. All really makes it difficult to run a clean, streamlined shop.<BR/><BR/>Makes me sound doom and gloom when I simply think it's realistic. :)Unknownhttps://www.blogger.com/profile/15357840241031190415noreply@blogger.com