The soft uderbelly: atacking the client
Since at least 1998, security experts have warned that a perimeter defence alone is insufficient, and the vast majority of networks are extremely vulnerable as soon as the firewall, proxy service or physical security layer at said perimeter has been breached.
The situation today has not changed much since 1998. Most security initiatives still concentrate on the firewalls and other border devices, and virus defence is the only area where a low level of penetration has been achieved in securing each individual client.
None of this is news, though the extent of the danger is beginning to surface slowly, as more and more security experts point to the problem. Nevertheless, I believe strongly that the threat is still being underestimated, even by those who condemn perimeter defences.
By Tom Vogt at SecurityFocus.
[ Read more ]