Past Meeting - October 21, 2004

Security without Firewalls: Myths and Practical Reality of Effective Security

Summary

Abe gave a great presentation on how and why the Supercomputer Center has no firewalls. Basically, the reason that SDSC can get away with this is that they keep all platforms up to date on their patches, and they make sure users have strong passwords. Given this, there have been no breakins attributable to systems failing to protect themselves. The one breakin that has occurred involves a hacker stealing the legitimate passwords of external users, and then using those users' accounts to gain control over machines. The one exception to the SDSC philosophy is Windows machines -- Abe recommends firewalls for machines that can't protect themselves ... meaning Windows machines.

Abstract

While firewalls and other technologies are popularly believe to be the "correct" approach to effectively securing a network. However, there is little practical basis for these beliefs, and SDSCs track record, while not perfect, has demonstrated that there are other methods to securing networks that may be more effective. This talk will explain some of the common myths and realities about security practices, and attackers capabilities and motives. Included will be an overview of a recent attacker's methods and patterns of behavior, and how our defenses helped us detect and contain the intruder.

Presenter Bio

Abe Singer is a Computer Security Researcher with the Security Technologies Group at the San Diego Supercomputer Center, and is also an occasional consultant and expert witness. He has been in the security field for over 9 years, and has been a programmer and system administrator for an additional 15 years. Mr. Singer is the author of "Building a Logging Infrastructure," due out in November, 2004.