Network World
Friday, January 9, 2009

Community: Security

RE: When it comes to security, chaos may be your friend

Excellent observations. I think diversity, however, would be a better term than chaos. I've spent a good deal of my career building diversity into systems, so that they appear different at different times, and so that different devices appear differently to attackers. This can make them more difficult to attack, since each attack must be "custom made," and has only a limited time during which it may be effective.

Even the Internet root servers of old were purposely deployed using more than one platform for (partially) this reason. This is a lesson from Nature, where biodiversity is a primary defense mechanism. Investors know this when they diversify their profile as well.

I should point out that being random is not enough. Diversity must be carefully managed. For example, if you want to hide which Web server you are running, you might change the headers to emit random server IDs. For one request you are Apache, for the next you pretend to be IIS. If you are not careful, though, the very fact that you randomize could become a parameter in profiling your system. Furthermore, you may be exposing patterns in one random element that could give clues to others.

I like the way Andreas puts it - noting that attackers think outside the box which is already a very small box. So...change the box, maybe using chaotic dynamics as my current project does, but that chaos is only a path to the true defensive technique: diversity.
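The header-randomization pitfall raised in the comment above can be checked against your own server. The following is an added example, not part of the original comment; the sample responses, the two trait names and the `audit` function are constructed for illustration.

```python
import re

def _resp(server, etag):
    # Constructed sample response: ordered (name, value) header pairs.
    return [("Date", "Fri, 09 Jan 2009 12:00:00 GMT"), ("Server", server),
            ("ETag", etag), ("Content-Type", "text/html")]

# Constructed capture from one host that alternates its Server banner.
ROTATING = [
    _resp("Apache", '"2c4f-1a3-45b6c0e1"'),
    _resp("Microsoft-IIS/6.0", '"2c50-9f0-45b6c1aa"'),
    _resp("Apache", '"2c51-77-45b6c2b3"'),
    _resp("Microsoft-IIS/6.0", '"2c52-400-45b6c3c4"'),
]

def traits(headers):
    """Reduce a response to traits that do not depend on the Server value."""
    return {
        # Order in which the server emits its headers.
        "header_order": tuple(name for name, _ in headers),
        # ETag layout with every hex run collapsed to 'h'.
        "etag_shape": re.sub(r"[0-9a-f]+", "h", dict(headers).get("ETag", "")),
    }

def audit(responses):
    """Report whether the banner rotates and which traits stay constant anyway."""
    banners = {dict(h).get("Server") for h in responses}
    report = {"banner_rotates": len(banners) > 1, "leaks": []}
    if not report["banner_rotates"]:
        return report
    # A rotating banner on a single host is itself an observable property.
    # Any trait that stays fixed while the banner changes still identifies
    # the one real platform behind it, so it must be varied or normalized too.
    for key in ("header_order", "etag_shape"):
        if len({traits(h)[key] for h in responses}) == 1:
            report["leaks"].append(key)
    return report

if __name__ == "__main__":
    print(audit(ROTATING))
```
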
