Domains in Cybersecurity

 Let’s start by defining defense in depth. To understand defense in depth, picture a castle from medieval times. Think of all the security measures they put in place. First, you had the moat and only a single retractable bridge across it. If you somehow made it across the moat, you had to deal with the wall. So, you made it across the moat and scaled the wall? Now the castle is at the top of the hill, you’re wearing 100 pounds of armor and weaponry, walking uphill, sometimes several miles.


Some castles even had interior walls that forced you to take a certain, often very narrow, path. But you have to do all of that while archers are shooting at you, they’re rolling huge boulders down the hill at you, they’ve probably dumped something on the ground to make it slick, the list goes on and on and on. And then, when you finally breach the castle, you have to climb a whole host of stairs, usually fighting (fully rested) enemy soldiers as you go. For this reason, many would-be attackers decided castles were not worth attacking at all.

Modern-day defense in depth strategies revolve around this same concept of making an attacker go through multiple layers of defense, with one key difference: we’re applying that to our computer systems. Think about all the controls we have in place on our networks today: firewalls, authentication systems, intrusion detection and prevention systems (network- and host-based), router and switch security, operating system security, data encryption — the list goes on and on. Let’s be clear here, though: No system is unbreachable, so our goal with employing a defense in depth strategy is to put so many obstacles in the path that it’s now not worth the effort to attack.

Comments

Post a Comment

Popular posts from this blog

Implementing Core Cisco ASA Security (SASAC)

  ASA uses a security level associated with each interface. It is a number between 0 to 100 that defines the trustworthiness of the network that the interface is connected to; the bigger the number, the more trust you have in the network. For example, the most secure network, such as the inside LAN, should have the security level of 100. The outside network connected to an untrusted network (such as the Internet) should have the level of 0. The interface connected to the DMZ should have the security level set to somewhere between 1 and 99 (usually 50). Security levels are used to define how traffic initiated from one interface is allowed to return from another interface. By default, the higher level security interfaces can initiate traffic to a lower level. The stateful inspection determines whether the reply traffic is allowed to make it back through. The following picture illustrates the concept: level 100 for the inside network level 50 for the DMZ network level 0 for the outside ne
Read more

Netware Makes a Splash

During this period, several operating systems were developed, like IBM's MVS operating system, which still dealt with SNA. However, the development of another operating system, dubbed UNIX, really paved the way for NOS everywhere. After a project to develop a large and complex system called Multics failed to get off the ground at Bell Labs in 1969, a group of Bell researchers, led by Ken Thompson and Dennis Ritchie, started work on a less ambitious but no less powerful computing system. After a rocky first few years, Ritchie developed the C programming language, which allowed UNIX to become the first "portable" operating system, meaning it could be implemented on any computer system. The relative simplicity of the system's design and the availability of its source code turned UNIX into a darling of the academic world and a fixture on many university computer networks. Many versions of UNIX were developed, but the Berkeley Software Distribution (BSD) version, develo
Read more

How CrackStation Works

CrackStation uses massive pre-computed lookup tables to crack password hashes. These tables store a mapping between the hash of a password, and the correct password for that hash. The hash values are indexed so that it is possible to quickly search the database for a given hash. If the hash is present in the database, the password can be recovered in a fraction of a second. This only works for "unsalted" hashes. For information on password hashing systems that are not vulnerable to pre-computed lookup tables, see our hashing security page. Crackstation's lookup tables were created by extracting every word from the Wikipedia databases and adding with every password list we could find. We also applied intelligent word mangling (brute force hybrid) to our wordlists to make them much more effective. For MD5 and SHA1 hashes, we have a 190GB, 15-billion-entry lookup table, and for other hashes, we have a 19GB 1.5-billion-entry lookup table. Read more :  lm hash generator
Read more