Security is the separation of an asset from a threat.
Security as practiced by the military generally means destroying the threat. A non functioning threat is no longer a threat. So to separate the threat from the asset, you have three options:
• Physically remove or separate the asset from the threat.
• Destroy the threat.
• Move or destroy the asset
As you know destroying assets is undesirable and destroying threats is not feasible.so most of the time we separate the two from each other.
Elements of Security
Separation can be done by using following elements:
1:Visibility
2:Access
3:Trust
Visibility can be an opportunity for an attacker.What an attacker see,learn or glean into help him in his attack.But think if attacker cant see, then he wont even think of attacking on that thing.Linux provide better ways to go invisible.In linux you can easily DROP ALL such request which can make you visible,like ping replies etc.Unfortunately, visibility is a necessary part of most services since marketing is the core of all business; you must present your wares in order to sell them. Therefore, it is necessary to strike the right balance between what assets should be known to maximize the usefulness and efficiency of services while minimizing exposure.
Access means how much you can interact with the given system.It can be a response,service or any thing.
A service cannot exist without access.The simplest way to prevent access is not to provide it. Physically separating an asset and a threat is the strongest deterrent possible. During penetration tests, the most
common problems can be attributed to a service or application running that does not need to be running. The greatest strength of Linux is the ability to easily choose which ports are open and which services are running
In security sciences, Trust is any unauthenticated interactivity between targets within a scope. For example, a web application may interact with a database server without requiring authentication or specifically identifying itself. (Actually, the request’s IP address may be considered weak identification criteria much like a nametag on a person’s shirt is unqualified identification of a specific person.) Where an attacker finds visibility as opportunity and access as direct interaction, trust is useful for indirect interaction.
Security as practiced by the military generally means destroying the threat. A non functioning threat is no longer a threat. So to separate the threat from the asset, you have three options:
• Physically remove or separate the asset from the threat.
• Destroy the threat.
• Move or destroy the asset
As you know destroying assets is undesirable and destroying threats is not feasible.so most of the time we separate the two from each other.
Elements of Security
Separation can be done by using following elements:
1:Visibility
2:Access
3:Trust
Visibility can be an opportunity for an attacker.What an attacker see,learn or glean into help him in his attack.But think if attacker cant see, then he wont even think of attacking on that thing.Linux provide better ways to go invisible.In linux you can easily DROP ALL such request which can make you visible,like ping replies etc.Unfortunately, visibility is a necessary part of most services since marketing is the core of all business; you must present your wares in order to sell them. Therefore, it is necessary to strike the right balance between what assets should be known to maximize the usefulness and efficiency of services while minimizing exposure.
Access means how much you can interact with the given system.It can be a response,service or any thing.
A service cannot exist without access.The simplest way to prevent access is not to provide it. Physically separating an asset and a threat is the strongest deterrent possible. During penetration tests, the most
common problems can be attributed to a service or application running that does not need to be running. The greatest strength of Linux is the ability to easily choose which ports are open and which services are running
In security sciences, Trust is any unauthenticated interactivity between targets within a scope. For example, a web application may interact with a database server without requiring authentication or specifically identifying itself. (Actually, the request’s IP address may be considered weak identification criteria much like a nametag on a person’s shirt is unqualified identification of a specific person.) Where an attacker finds visibility as opportunity and access as direct interaction, trust is useful for indirect interaction.
Comments
Post a Comment