Every once in a while it's good to be reminded of certain principles. In my first book I outlined three lessons I've learned while monitoring intruders. Sometimes threats in nature provide examples of these lessons. Sguil developer Bamm Visscher pointed me to these images, which I have cropped and annotated for your network security monitoring enjoyment.
NSM Principle 1: Some intruders are smarter than you are.
NSM Principle 2: Intruders are unpredictable.
NSM Principle 3: Prevention eventually fails.
Hence, the need for monitoring, e.g., these photos!
Thank you to GeekBase for posting these -- I hope you prefer me not linking to the photos directly, thereby saving your bandwidth!
5 comments:
Hilarious, but true! We've all seen it, and/or been subject to it ourselves. Many times, it's due to what we think we know about the infrastructure...
H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://windowsir.blogspot.com
Hi. Can you change it back so that full posts are in your rss feed? Thanks.
Again, I have not changed anything with my RSS feeds. You can get them from Atom2RSS or Feedburner. Atom2RSS looks like it is giving an error now, but Feedburner is fine.
I hope you obtained a license or at least informal permission from the photographer to modify and republish his work.
Post a Comment