[26999] in resnet
Re: Do we still need Network Access Control?
daemon@ATHENA.MIT.EDU (Mike King)
Sat Nov 5 10:02:00 2011
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary=20cf303b3edb3ce57704b0fd189e
Message-ID: <CANtPpk4x4A_3sULHtHKJNDCiu8uieN3mLd6xt5WJR7eJUNgkWg@mail.gmail.com>
Date: Sat, 5 Nov 2011 09:49:46 -0400
Reply-To: Resnet Forum <RESNET-L@listserv.nd.edu>
From: Mike King <me@mpking.com>
To: RESNET-L@listserv.nd.edu
In-Reply-To: <E026853FAE2E5E47BE78B287F89DAF9E048EBC@SUEX10-mbx-03.ad.syr.edu>
--20cf303b3edb3ce57704b0fd189e
Content-Type: text/plain; charset=ISO-8859-1
On Fri, Nov 4, 2011 at 4:43 PM, Randall C Grimshaw <rgrimsha@syr.edu> wrote:
>
>
> Compliance checking is becoming less of an issue in my opinion... in part
> because the 'bad guys' are financially motivated to keep the network up.
> And in part because users are migrating to mobile computing appliances.
> When IDS systems identify a compromised system, you are back to the Access
> Control issue.
>
>
>
That is a very interesting take on the problem. Blaster was the selling point
for most of the NAC products. (I know it sold us on Cisco NAC.) Welchia, a
few weeks after Blaster, drove the point home.

I'm going off topic here, but this has been rattling around my head for
a while.
We've gone through a few phases of virus / malware:

Early 2000-~2004
Blaster was one of the last "destructive viruses" that caused damage to
the machine. Others of this type: Welchia, Nimda, as well as all the email
viruses (I love you, anyone?)

2004-2009~
Malware hits the big time. Starts with browser pop-ups and toolbars. (Who
remembers CoolWebSearch?)

2009~ - Present and foreseeable future
Malware morphs; it's less about getting people to click on an ad, or drive
traffic to a website. It's more about getting money. Browser pop-ups are
replaced with fake antivirus packages that tell you that you have a virus,
and make you pay to get rid of it. Rootkits that look for specific
banking websites, and send traffic (passwords, account numbers) to operators.

Of course there are the ever-present botnet operators that have been around
since the early 2000s, and who are not going away anytime soon, but they
are more for profit now, and less for "I want to take down Facebook".

My take on the future?
I think we'll see an uptick in "Ransom Ware" to replace the fake antivirus.
Example: I've just encrypted your computer, send $500 to this PayPal
account in the next 24 hours, or you'll never unlock your computer.
That, and some scary stuff with BIOS viruses.
http://www.gmanews.tv/story/236547/technology/mobile-bios-cyberthreats-on-the-rise
___________________________________________________
You are subscribed to the ResNet-L mailing list.
To subscribe, unsubscribe or search the archives,
go to http://LISTSERV.ND.EDU/archives/resnet-l.html
___________________________________________________
--20cf303b3edb3ce57704b0fd189e--