
Clear and Present Dangers

Bill Cheswick

Lumeta Corp.

[email protected]


Clear and Present Dangers

Perimeter Leaks

Poor host security


Mapping the Internet and Intranets

Bill Cheswick

[email protected]

http://www.cheswick.com


Motivations

Intranets are out of control

Always have been

Highlands “day after” scenario

Panix DOS attacks

a way to trace anonymous packets back!

Internet tomography

Curiosity about size and growth of the Internet

Same tools are useful for understanding any large network, including intranets



Related Work

  • See Martin Dodge’s cyber geography page

  • MIDS - John Quarterman

  • CAIDA - kc claffy

  • Mercator

  • “Measuring ISP topologies with rocketfuel” - 2002

    • Spring, Mahajan, Wetherall

  • Enter “internet map” in your search engine


The goals

Long term reliable collection of Internet and Lucent connectivity information

without annoying too many people

Attempt some simple visualizations of the data

movie of Internet growth!

Develop tools to probe intranets

Probe the distant corners of the Internet



Methods - data collection

Single reliable host connected at the company perimeter

Daily full scan of Lucent

Daily partial scan of Internet, monthly full scan

One line of text per network scanned

Unix tools


Methods - network scanning

Obtain master network list

network lists from Merit, RIPE, APNIC, etc.

BGP data or routing data from customers

hand-assembled list of Yugoslavia/Bosnia

Run a traceroute-style scan towards each network

Stop on error, completion, no data

Keep the natives happy


TTL probes

Used by traceroute and other tools

Probes toward each target network with increasing TTL

Probes are ICMP, UDP, TCP to port 80, 25, 139, etc.

Some people block UDP, others ICMP


TTL probes

[Figure, repeated on this and the next four slides: protocol-stack diagram with the labels Server, Client, Application level, TCP/UDP, IP, Hardware, Router, and Hop 1 to Hop 4]


Send a packet with a TTL of 1…


…and we get the death notice from the first hop


Send a packet with a TTL of 2…


… and so on …

Advantages

  • We don’t need access (i.e. SNMP) to the routers

  • It’s very fast

  • Standard Internet tool: it doesn’t break things

  • Insignificant load on the routers

  • Not likely to show up on IDS reports

  • We can probe with many packet types


Limitations

  • Outgoing paths only

  • Level 3 (IP) only

    • ATM networks appear as a single node

    • This distorts graphical analysis

  • Not all routers respond

  • Many routers limited to one response per second


Limitations

  • View is from scanning host only

  • Takes a while to collect alternating paths

  • Gentle mapping means missed endpoints

  • Imputes non-existent links


The data can go either way

[Figure, shown on this and the next six slides: a network graph with nodes A, B, C, D, E and F]


The data can go either way


But our test packets only go part of the way


We record the hop…


The next probe happens to go the other way


…and we record the other hop…


We’ve imputed a link that doesn’t exist
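
The TTL probing and the false-link effect from the preceding slides, as an added Python simulation (not code from the talk). The two-path topology from A to F and all function names are assumptions constructed for illustration.

```python
import random

# Constructed topology (assumption: the slides' A..F layout is not recoverable).
# Scanning host A reaches target F over two disjoint, equal-cost paths.
PATHS = [["A", "B", "C", "F"], ["A", "E", "D", "F"]]
TRUE_LINKS = {frozenset(pair) for path in PATHS for pair in zip(path, path[1:])}


def probe(ttl, path):
    """Return who answers a probe sent with this TTL along `path`.

    Each router decrements the TTL; the one that takes it to zero returns an
    ICMP Time Exceeded (the "death notice"). If the TTL is large enough, the
    target itself answers.
    """
    return path[min(ttl, len(path) - 1)]


def trace(pick_path, max_ttl=8, target="F"):
    """Traceroute-style scan: one probe per TTL, stop when the target answers.

    `pick_path` is called once per probe and models the load balancer's choice.
    """
    hops = []
    for ttl in range(1, max_ttl + 1):
        responder = probe(ttl, pick_path())
        hops.append(responder)
        if responder == target:
            break
    return hops


def links_from(hops, source="A"):
    """Links a mapper records: consecutive responders are assumed adjacent."""
    chain = [source] + hops
    return {frozenset(pair) for pair in zip(chain, chain[1:])}


def false_links(recorded):
    """Recorded links that do not exist in the real topology."""
    return recorded - TRUE_LINKS


def survey(runs, seed=0):
    """Union of links recorded over many scans with per-packet load balancing."""
    rng = random.Random(seed)
    recorded = set()
    for _ in range(runs):
        recorded |= links_from(trace(lambda: rng.choice(PATHS)))
    return recorded


if __name__ == "__main__":
    # TTL 1 goes via B, TTL 2 "happens to go the other way" via E and dies at D.
    alternating = iter([PATHS[0], PATHS[1], PATHS[0]])
    hops = trace(lambda: next(alternating))
    print("hops:", hops)
    print("imputed:", sorted(map(sorted, false_links(links_from(hops)))))
    print("after 200 scans:", sorted(map(sorted, false_links(survey(200)))))
```

A scan whose probes all follow one path (`trace(lambda: PATHS[1])`) records no false links, which is why keeping the probes of one scan on a single flow helps where routers balance per flow rather than per packet.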


Data collection complaints

Australian parliament was the first to complain

List of whiners (25 nets)

Military noticed immediately

Steve Northcutt

arrangements/warnings to DISA and CERT

These complaints are mostly a thing of the past

Internet background radiation predominates


Visualization goals

make a map

show interesting features

debug our database and collection methods

hard to fold up

geography doesn’t matter

use colors to show further meaning


Infovis state-of-the-art in 1998

  • 800 nodes was a huge graph

  • We had 100,000 nodes

  • Use spring-force simulation with lots of empirical tweaks

  • Each layout needed 20 hours of Pentium time


Visualization of the layout algorithm

Laying out the Internet graph


Visualization of the layout algorithm

Laying out an intranet


A simplified map

  • Minimum distance spanning tree uses 80% of the data

  • Much easier visualization

  • Most of the links still valid

  • Redundancy is in the middle


Colored by AS number


Map Coloring

distance from test host

IP address

shows communities

Geographical (by TLD)

ISPs

future

timing, firewalls, LSRR blocks


Colored by IP address!


Colored by geography


Colored by ISP


Colored by distance from scanning host


US military reached by ICMP ping


US military networks reached by UDP


Yugoslavia

An unclassified peek at a new battlefield


A film by Steve “Hollywood” Branigan...


The End


Routers in New York City missing generator fuel


Intranets


We partition our networks to get out of the game

  • Companies, governments, departments, even families hide in enclaves to limit connectivity to approved services

  • These are called intranets

  • The decentralized, cloud-like nature of internets makes them hard to manage at a central point

  • My company explores the extent of intranets and their interconnections with other networks.


Intranets: the rest of the Internet


This was supposed to be a VPN


Anything large enough to be called an “intranet” is out of control


Case studies: corp. networks

Some intranet statistics


Leak Detection

A sends packet to B, with spoofed return address of D

If B can, it will reply to D with a response, possibly through a different interface

[Figure: diagram with the labels mitt, Mapping host, Internet, intranet and Test host, and nodes A, B, C and D]

Leak Detection

Packet must be crafted so the response won’t be permitted through the firewall

A variety of packet types and responses are used

Either inside or outside address may be discovered

Packet is labeled so we know where it came from

[Figure: diagram with the labels mitt, Mapping host, Internet, intranet and Test host, and nodes A, B, C and D]


Existence proofs of intranet leaks: the slammer worm

  • It’s a pop-quiz on perimeter integrity

  • The best run networks (e.g. spooks’ nets) do not get these plagues

    • Internal hosts may be susceptible


Some Lumeta lessons

  • Reporting is the really hard part

    • Converting data to information

  • “Tell me how we compare to other clients”

  • Offering a service was good practice, for a while

  • The clients want a device

  • We have >70 Fortune-200 companies and government agencies as clients

  • Need-to-have vs. want-to-have


Honeyd – network emulation

  • Anti-hacking tools by Niels Provos at citi.umich.edu

  • Can respond as one or more hosts

  • I am configuring it to look like an entire client’s network

  • Useful for testing and debugging

  • Product?


History of the Project

  • Started in August 1998 at Bell Labs

  • April-June 1999: Yugoslavia mapping

  • July 2000: first customer intranet scanned

  • Sept. 2000: spun off Lumeta from Lucent/Bell Labs

  • June 2002: “B” round funding completed

  • 2003: sales >$4MM


Mapping the Internet and Intranets

Bill Cheswick

[email protected]

http://www.cheswick.com


My Dad’s Computer and the Future of Internet Security

Bill Cheswick

[email protected]

http://www.lumeta.com


My Dad’s computer

Skinny-dipping with Microsoft


Case study: My Dad’s computer

  • Windows XP, plenty of horsepower, two screens

  • Applications:

    • Email (Outlook)

    • “Bridge:” a fancy stock market monitoring system

    • AIM


Case study: My Dad’s computer

  • Cable access

  • dynamic IP address

  • no NAT

  • no firewall

  • outdated virus software

  • no spyware checker


This computer was a software toxic waste dump

  • It was burning a liter of oil every 500 km

  • The popups seemed darned distracting to me


My Dad’s computer: what the repair geek found

  • Everything

  • “Viruses I’ve never heard of”

  • Constant popups

  • Frequent blasts of multiple web pages, all obscene

  • Dad: why do I care? I am getting my work done


Dad’s computer: how did he get in this mess?

  • He doesn’t know what the popup security messages mean

  • Email-borne viruses

  • Unsecured network services

  • Executable code in web pages from unworthy sites


He is getting his work done

  • Didn’t want a system administrator to mess up his user interface settings

  • Truly destructive attacks are rare

    • They aren’t lucrative or much fun

    • They are self-limiting


Recently

  • An alien G-rated screen saver for an X-rated site appeared

  • Changing the screen saver worked!

  • The screen saver software removed in the correct way!

  • Still, this should never have happened


Skinny Dipping on the Internet


I’ve been skinny dipping on the Internet for years

  • FreeBSD and Linux hosts

  • Very few, very hardened network services

  • Single-user hosts

  • Dangerous services placed in sandboxes

  • No known breakins

  • No angst


“Best block is not be there”

-Karate Kid


Angst and the Morris Worm

  • Did the worm get past my firewall?

  • No. Why?

    • Partly smart design

    • Partly luck…removing fingerd

  • Peace of mind comes from staying out of the battle altogether


“You’ve got to get out of the game”

-Fred Grampp


Can my Dad (and millions like him) get out of the game?


Arms Races


Virus arms race

  • Early on, detectors used viral signatures

  • Virus encryption and recompilation (!) has thwarted this

  • Virus detectors now simulate the code, looking for signature actions

  • Virus writers now detect emulation and behave differently

  • Virus emulators are slowing down, even with Moore’s Law.


Virus arms race

  • I suspect that virus writers are going to win the detection battle, if they haven’t already

    • Emulation may become too slow

    • Even though we have the home-field advantage

    • Will we know if an undetectable virus is released?

  • Best defense is to get out of the game.

    • Don’t run portable programs, or

    • Improve our sandbox technology

  • People who really care about this worry about Ken Thompson’s attack

    • Read and understand “On Trusting Trust”


Getting out of the virus game

  • Don’t execute roving programs of unknown provenance

  • Trusted Computing can fix the problem, in theory


Password sniffing and cracking arms race

  • Ethernet has always been sniffable

  • WiFi is the new Ethernet


Password sniffing and cracking arms race

  • Password cracking works 3% to 60% of the time using offline dictionary attacks

    • More, if the hashing is misdesigned (c.f. Microsoft)

  • This will never get better, so…

  • We have to get out of the game


Password sniffing and cracking arms race

  • This battle is mostly won, thanks to SSL, IP/SEC, and VPNs.

  • There are many successful businesses using these techniques nicely.


Password sniffing is not a problem for Dad

  • SSL fixes most of it

  • AIM is interceptible

    • Fixable…will it be?


Authentication/Identification Arms races

  • Password/PIN selection vs. cracking

  • Human-chosen passwords and PINs can be ok if guessing is limited, and obvious choices are suppressed

  • Password cracking is getting better, thanks to Moore’s Law and perhaps even botnets


We don’t know how to leave the user in charge of security decisions, safely.


User education vs. user deception

  • We will continue losing this one

  • Even experts sometimes don’t understand the ramifications of choices they are offered


Authentication arms race: predictions

  • USA needs two factor authentication for social security number. (Something better than MMN or birth date.)

  • I don’t see this improving much, but a global USB dongle would do it

  • Don’t wait for world-wide PKI.


Arms race (sort of): hardware destruction

  • IBM monochrome monitor

  • Some more recent monitors

    • Current ones?

  • Hard drives? Beat the heads up?

  • EEPROM write limits

    • Viral attack on .cn and .kr PC motherboards

    • Other equipment

  • Anything that requires a hardware on-site service call


Arms race (sort of): hardware destruction

  • Rendering the firmware useless

    • This can be fixed (mostly) with a secure trusted computing base.


Software upgrade race: literally a race

  • Patches are analyzed to determine the weakness

  • Patch-to-exploit time is now down below 10 hours

    • NB: spammers have incentive to do this work

  • Now the good guys are trying to obfuscate code!

  • Future difficult to say: dark side obscures everything.


Arms Races: deception

  • Jails

    • Cliff Stoll and SDInet

  • Honeypots

    • Honeynet

    • honeyd

  • The deception toolkit---Fred Cohen


Microsoft client security

It has been getting worse: can they skinny-dip safely?


Windows ME

Active Connections - Win ME

Proto Local Address Foreign Address State

TCP 127.0.0.1:1032 0.0.0.0:0 LISTENING

TCP 223.223.223.10:139 0.0.0.0:0 LISTENING

UDP 0.0.0.0:1025 *:*

UDP 0.0.0.0:1026 *:*

UDP 0.0.0.0:31337 *:*

UDP 0.0.0.0:162 *:*

UDP 223.223.223.10:137 *:*

UDP 223.223.223.10:138 *:*


Windows 2000

Proto Local Address Foreign Address State

TCP 0.0.0.0:135 0.0.0.0:0 LISTENING

TCP 0.0.0.0:445 0.0.0.0:0 LISTENING

TCP 0.0.0.0:1029 0.0.0.0:0 LISTENING

TCP 0.0.0.0:1036 0.0.0.0:0 LISTENING

TCP 0.0.0.0:1078 0.0.0.0:0 LISTENING

TCP 0.0.0.0:1080 0.0.0.0:0 LISTENING

TCP 0.0.0.0:1086 0.0.0.0:0 LISTENING

TCP 0.0.0.0:6515 0.0.0.0:0 LISTENING

TCP 127.0.0.1:139 0.0.0.0:0 LISTENING

UDP 0.0.0.0:445 *:*

UDP 0.0.0.0:1038 *:*

UDP 0.0.0.0:6514 *:*

UDP 0.0.0.0:6515 *:*

UDP 127.0.0.1:1108 *:*

UDP 223.223.223.96:500 *:*

UDP 223.223.223.96:4500 *:*


Windows XP, this laptop

Proto Local Address Foreign Address State

TCP ches-pc:epmap ches-pc:0 LISTENING

TCP ches-pc:microsoft-ds ches-pc:0 LISTENING

TCP ches-pc:1025 ches-pc:0 LISTENING

TCP ches-pc:1036 ches-pc:0 LISTENING

TCP ches-pc:3115 ches-pc:0 LISTENING

TCP ches-pc:3118 ches-pc:0 LISTENING

TCP ches-pc:3470 ches-pc:0 LISTENING

TCP ches-pc:3477 ches-pc:0 LISTENING

TCP ches-pc:5000 ches-pc:0 LISTENING

TCP ches-pc:6515 ches-pc:0 LISTENING

TCP ches-pc:netbios-ssn ches-pc:0 LISTENING

TCP ches-pc:3001 ches-pc:0 LISTENING

TCP ches-pc:3002 ches-pc:0 LISTENING

TCP ches-pc:3003 ches-pc:0 LISTENING

TCP ches-pc:5180 ches-pc:0 LISTENING

UDP ches-pc:microsoft-ds *:*

UDP ches-pc:isakmp *:*

UDP ches-pc:1027 *:*

UDP ches-pc:3008 *:*

UDP ches-pc:3473 *:*

UDP ches-pc:6514 *:*

UDP ches-pc:6515 *:*

UDP ches-pc:netbios-ns *:*

UDP ches-pc:netbios-dgm *:*

UDP ches-pc:1900 *:*

UDP ches-pc:ntp *:*

UDP ches-pc:1900 *:*

UDP ches-pc:3471 *:*


FreeBSD partition, this laptop (getting out of the game)

Active Internet connections (including servers)

Proto Recv-Q Send-Q Local Address

tcp4 0 0 *.22

tcp6 0 0 *.22
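
An added Python sketch (not code from the talk) that turns listings like the ones above into a count of listeners by bind scope. The Windows ME, FreeBSD and XP rows are copied from the slides; the scope labels and function names are assumptions.

```python
import ipaddress

# Rows copied from the Windows ME and FreeBSD listings on the slides.
WIN_ME = """\
Proto Local Address Foreign Address State
TCP 127.0.0.1:1032 0.0.0.0:0 LISTENING
TCP 223.223.223.10:139 0.0.0.0:0 LISTENING
UDP 0.0.0.0:1025 *:*
UDP 0.0.0.0:1026 *:*
UDP 0.0.0.0:31337 *:*
UDP 0.0.0.0:162 *:*
UDP 223.223.223.10:137 *:*
UDP 223.223.223.10:138 *:*
"""
FREEBSD = """\
Proto Recv-Q Send-Q Local Address
tcp4 0 0 *.22
tcp6 0 0 *.22
"""
# One row from the XP listing, where resolved names hide the bind address.
RESOLVED = "TCP ches-pc:epmap ches-pc:0 LISTENING\n"

WILDCARDS = {"0.0.0.0", "*", "::", "[::]"}


def scope(host):
    """Classify a bind address: who can reach a socket bound to it?"""
    if host in WILDCARDS:
        return "all-interfaces"
    try:
        addr = ipaddress.ip_address(host.strip("[]"))
    except ValueError:
        return "unknown"  # resolved name: rerun netstat with numeric output
    return "loopback" if addr.is_loopback else "one-interface"


def parse(listing):
    """Yield (proto, host, port, scope) for each listening socket."""
    for line in listing.splitlines():
        f = line.split()
        if len(f) < 2 or not f[0].lower().startswith(("tcp", "udp")):
            continue  # header or blank line
        proto = f[0].lower()
        if len(f) >= 4 and f[1].isdigit() and f[2].isdigit():
            # BSD layout: proto recv-q send-q addr.port [foreign [state]]
            host, _, port = f[3].rpartition(".")
            # Assumption: a row with no state column (as on the slide) listens.
            state = f[5] if len(f) > 5 else "LISTEN"
        else:
            # Windows layout: proto addr:port foreign [state]
            host, _, port = f[1].rpartition(":")
            state = f[3] if len(f) > 3 else ""
        if proto.startswith("tcp") and not state.upper().startswith("LISTEN"):
            continue  # an established or closing connection, not a listener
        yield proto, host, port, scope(host)


def exposure(listing):
    """Count listeners per scope; anything but 'loopback' is reachable surface."""
    counts = {}
    for _, _, _, where in parse(listing):
        counts[where] = counts.get(where, 0) + 1
    return counts


if __name__ == "__main__":
    for name, text in (("Win ME", WIN_ME), ("FreeBSD", FREEBSD), ("XP row", RESOLVED)):
        print(name, exposure(text))
```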


It is easy to dump on Microsoft, but many others have made the same mistakes before


Default services: SGI workstation

ftp stream tcp nowait root /v/gate/ftpd

telnet stream tcp nowait root /usr/etc/telnetd

shell stream tcp nowait root /usr/etc/rshd

login stream tcp nowait root /usr/etc/rlogind

exec stream tcp nowait root /usr/etc/rexecd

finger stream tcp nowait guest /usr/etc/fingerd

bootp dgram udp wait root /usr/etc/bootp

tftp dgram udp wait guest /usr/etc/tftpd

ntalk dgram udp wait root /usr/etc/talkd

tcpmux stream tcp nowait root internal

echo stream tcp nowait root internal

discard stream tcp nowait root internal

chargen stream tcp nowait root internal

daytime stream tcp nowait root internal

time stream tcp nowait root internal

echo dgram udp wait root internal

discard dgram udp wait root internal

chargen dgram udp wait root internal

daytime dgram udp wait root internal

time dgram udp wait root internal

sgi-dgl stream tcp nowait root/rcv dgld

uucp stream tcp nowait root /usr/lib/uucp/uucpd


More default services

mountd/1 stream rpc/tcp wait/lc root rpc.mountd

mountd/1 dgram rpc/udp wait/lc root rpc.mountd

sgi_mountd/1 stream rpc/tcp wait/lc root rpc.mountd

sgi_mountd/1 dgram rpc/udp wait/lc root rpc.mountd

rstatd/1-3 dgram rpc/udp wait root rpc.rstatd

walld/1 dgram rpc/udp wait root rpc.rwalld

rusersd/1 dgram rpc/udp wait root rpc.rusersd

rquotad/1 dgram rpc/udp wait root rpc.rquotad

sprayd/1 dgram rpc/udp wait root rpc.sprayd

bootparam/1 dgram rpc/udp wait root rpc.bootparamd

sgi_videod/1 stream rpc/tcp wait root ?videod

sgi_fam/1 stream rpc/tcp wait root ?fam

sgi_snoopd/1 stream rpc/tcp wait root ?rpc.snoopd

sgi_pcsd/1 dgram rpc/udp wait root ?cvpcsd

sgi_pod/1 stream rpc/tcp wait root ?podd

tcpmux/sgi_scanner stream tcp nowait root ?scan/net/scannerd

tcpmux/sgi_printer stream tcp nowait root ?print/printerd

9fs stream tcp nowait root /v/bin/u9fs u9fs

webproxy stream tcp nowait root /usr/local/etc/webserv


Firewalls and intranets try to get us out of the network services vulnerability game


What my dad (and most of you) really needs


Most of my Dad’s problems are caused by weaknesses in features he never uses or needs.


A proposal: Windows OK


Windows OK

  • Thin client implemented with Windows

  • It would be fine for maybe half the Windows users

    • Students, consumers, many corporate and government users

  • It would be reasonable to skinny dip with this client

    • Without firewall or virus checking software


Windows OK

  • No network listeners

    • None of those services are needed, except admin access for centrally-administered hosts

  • Default security settings

  • All security controls in one or two places

  • Security settings can be locked


Windows OK (cont)

  • There should be nothing you can click on, in email or a web page, that can hurt your computer

    • No portable programs are executed ever, except…

  • ActiveX from approved parties

    • MSFT and one or two others. List is lockable


Windows OK

  • Reduce privileges in servers and all programs

  • Sandbox programs

    • Belt and suspenders


Office OK

  • No macros in Word or PowerPoint. No executable code in PowerPoint files

  • The only macros allowed in Excel perform arithmetic. They cannot create files, etc.


Vulnerabilities in OK

  • Buffer overflows in processing of data (not from the network)

  • Stop adding new features and focus on bug fixes

  • Programmers can clean up bugs, if they don’t have a moving target

    • It converges, to some extent


XP SP2

Bill Gets It


Microsoft’s Augean Stables: a task for Hercules

  • 3000 oxen, 30 years, that’s roughly one oxen-day per line of code in Windows

  • It’s been getting worse since Windows 95


XP SP2: Bill gets it

  • “a feature you don’t use should not be a security problem for you.”

  • “Security by design”

    • Too late for that, it’s all retrofitting now

  • “Security by default”

    • No network services on by default

  • Security control panel

    • Many things missing from it

    • Speaker could not find ActiveX security settings

  • There are a lot of details that remain to be seen.


Microsoft really means it about improving their security

  • Their security commitment appears to be real

  • It is a huge job

  • Opposing forces are unclear to me

  • It’s been a long time coming, and frustrating


Microsoft secure client arms race

  • We are likely to win, but it is going to be a while


SP2 isn’t going to be easy to deploy

  • Many people rely on unsafe configurations, even if they don’t realize it

  • Future SPs won’t be easy either, especially if they follow my advice


Windows XP SP2

  • Candidate 2 release is available

  • Read the EULA…it is interesting and a bit different


SP2 is just a start: more work is needed

  • Security panel and ActiveX permissions

    • Also, list of trusted signers needed

  • Still too many network services

    • They may not be reachable from outside the box

  • Clicking may still be dangerous


Conclusions: we ought to win these battles

  • We control the playing field

  • DOS is the worst they can do, in theory

  • We can replicate our successes

  • We can converge on a secure-enough environment


Conclusions: problems

  • The business models to achieve these successes seem surprisingly elusive to me

  • Security devices, and stand-alone devices, are close to meeting our needs

    • Except full-functioned routers

  • General purpose computers are the big problem

    • Apparently features are more important than security, to the customers

    • Is this really true?


My Dad’s Computer and the Future of Internet Security

Bill Cheswick

[email protected]

http://www.lumeta.com

