Common operational misconceptions
chris at ctcampbell.com
Thu Feb 16 10:26:26 UTC 2012
This isn't so much a list of misconceptions that recent students have as a list of misconceptions that security management have…
On 15 Feb 2012, at 22:52, Rich Kulawiec wrote:
> ICMP is evil.
> Firewalls can be configured default-permit.
> Firewalls can be configured unidirectionally.
> Firewalls will solve our security issues.
> Antivirus will solve our security issues.
> IDS/IPS will solve our security issues.
> Audits and checklists will solve our security issues.
> Our network will never emit abuse or attacks.
> Our users can be trained.
> We must do something; this is something; let's do this.
> We can add security later.
> We're not a target.
> We don't need to read our logs.
> What logs?
> (with apologies to Marcus Ranum, from whom I've shamelessly
> cribbed several of these)
More information about the NANOG