Matters of Trust
Who can you trust? Traditionally, there has been an unwritten—and, in some cases,
written—rule that employees are trusted entities. However, in the past decade, numerous
cases and statistics prove that this assumption is false. In a survey, 50 North American Chief
Information Security Officers (CISO)1 were asked what they consider their greatest threats
to overall security. Insider attacks rated 18 percent, as Figure 18-1 shows. Additional
research done by the IDC (www.idc.com) shows a continued increase in internal sources in a
comparison between internal and external threats.2
Figure 18-1 Greatest Threats as Seen by 50 North American CISOs
[Figure: "Greatest Threats to Overall Security." Categories shown: DoS, Spam, Malicious Code,
Phishing, Spyware, Insider Attacks, Unpatched Systems, Loss of Confidential Info, Key Loggers,
Fraud. Source: Merrill Lynch Analysis of 50 North American CISOs]
Data Plane Traffic
The skill level required to snoop the wire has drastically gone down over the last
decade because of the increase of tools (such as Yersinia and Ettercap) that expose or take
advantage of a networking protocol's weaknesses. In many cases, these tools are context
sensitive and provide Help menus, which makes eavesdropping, tampering, and replay of
information traversing our networks more prevalent. Equally, after a user obtains access,
she can exploit vulnerabilities in the OSs and applications to either gain access or tamper
with information to cause a DoS attack.
NOTE For more information on Yersinia, see Chapter 3, “Attacking the Spanning Tree Protocol.”
For more information on Ettercap, see Chapter 6, “Exploiting IPv4 ARP.”
So far, this discussion focused on data plane traffic vulnerabilities. There must be equal, if
not greater, concern for control plane and management traffic.
Control Plane Traffic
Many protocols that carry network configuration, statistics, network-topology updates, and
so on, are not protected, in many cases. Gaining access to control plane traffic can result in
a malicious user creating more vulnerabilities by injecting gratuitous control plane
data or performing a DoS attack. Having visibility into control plane traffic through
snooping or sniffing the wire might result in a miscreant gaining information that can be
used in a nondisruptive analysis manner to map out the organization’s network for
future exploits.
Management Traffic
This book mostly focuses on vulnerabilities, exploits, and countermeasures in a one-by-one
manner. Having a single antidote that could address the vast majority of these
vulnerabilities and exploits can eliminate the need to focus on providing security
enhancements on a protocol-by-protocol or application-by-application basis. Enter the
IEEE 802.1AE Media Access Control Security (MACSec).