  1. Random Member docrice's Avatar
    Join Date
    Apr 2010
    Location
    Bay Area, CA
    Posts
    1,687

    Certifications
    GSEC, GCFW, GCIA, GCIH, GWAPT, GAWN, GPEN, GCFE, GCFA, GMON, OSWP, SFCP, SnortCP, Sec+; expired: CCNA (R&S, Security, Wireless), WCNA
    #1

    Infosec Island: What They Don't Teach You in "Thinking Like the Enemy" Classes

  3. Senior Member
    Join Date
    Jun 2011
    Posts
    359
    #2
    Good article, thanks!

  4. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    3,826

    Certifications
    BS-CST CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA
    #3
    Good article, though his second point I cannot totally agree with. He describes APT, but that isn't all attackers. I tend to believe that most are in for the easy score, install the malware, collect the cash, and get out. Obviously different if you are a larger company, but I feel like he generalized a little too much. I did enjoy his trust portion and have been reading a book all about it:

    Amazon.com: Liars and Outliers: Enabling the Trust that Society Needs to Thrive (978111814330: Bruce Schneier: Books

    Really eye-opening book!
    WIP:
    MS in Legal Studies - Drexel University
    Mobile Forensics
    Kotlin
    Python

  5. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,596
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #4
    So the points I get from reading this rambling, poorly-edited article are:

    1. "Don't bother taking a psychology-of-the-enemy course because there are too many and different enemies,"
    2. "you can't really think like the enemy in any realistic way, so don't try"
    3. "stop trying to guess what the attacker is going to do next and practice good preventative security instead"
    4. "Use OSSTMM 3 to determine how to practice good preventative security without knowing who your attackers are, what they want, and how they think and operate."

    It just goes to show that anyone can write a blog article about anything.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray

  6. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    3,826

    Certifications
    BS-CST CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA
    #5
    LOL fair enough JD. But I can say that after reading Thor's Microsoft Security Bible I can see where good practice preventative security is one of the best things you could do. I suspect you are speaking to a comprehensive plan relying on preventative security along with some "enemy" thinking mixed in there. It's funny because he speaks about not bothering to get into the enemy's head, but it seems he looks at it more from a motivation standpoint. Why should I care why someone is attacking my network/servers? Putting yourself into the enemy mindset is much more about what vectors they would use, not the reasons why. Obviously they are going to start with more commonly used vectors/attacks; cover your bases there and I feel overall you'll be fairly OK. Time is on the attacker's side; given enough resources and time, they will get in one way or the other.

  7. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,596
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #6
    You can't defend, or defend against, what you don't understand. If you don't know who your attackers are, what they want, and how they might attempt to get it, you can't possibly plan cost-effective security measures--defensive or otherwise--that are beyond the basic and generic.
