Ignorance: The Hackers Best Friend
Even the most vigilant enterprise IT professionals have been forced into reactionary postures by ceaseless new vulnerabilities, increasingly sophisticated hacker tools and heightened threats of cyber-terrorism. The goal of this eWEEK Special Report is toThe IT community has developed checklists of must-have technologies and accepted best practices for solid protection, but even the most vigilant enterprise IT professionals have been forced into reactionary postures by ceaseless new vulnerabilities, increasingly sophisticated hacker tools and heightened threats of cyber-terrorism. Security in depth is critical to business continuity and customer trust, but challenges to that level of security can seem insurmountable. The goal of this eWEEK Special Report is to provide a leg up. We gathered security experts from the research and vendor communitiesThe SANS Institute, Microsoft Corp., Oracle Corp., Sun Microsystems Inc. and Symantec Corp.for a roundtable discussion that examined the relative securability of Web-based computing and the role of the vendor community and enterprise IT in creating or magnifying risks. Oracle put "unbreakable" in perspective and advocated working with and not against hackers, while Microsoft addressed the "Is it a feature or a bug?" question. Symantec and Sun focused on end-user responsibility, while SANS addressed the practical problems of system configuration. The complete transcript of the roundtable will be available soon at www.eweek.com, as will audio highlights of the conversation.
Anne Chens article reminds us of past network attacks in the hopes of preventing future recurrences. But as enterprise computing gets more sophisticated, so, too, do the hacker tools and the hackers themselves. The security experts Chen spoke with warned of attacks on the wireless infrastructure and SNMP, as well as the potential for denial-of-service strikes on an increasing number of systems. Checklists developed by eWEEK Labs analysts for hardening wireless LANs, operating systems and applications in general are also at www.eweek.com.