Interesting thoughts there... My only tongue in cheek response right off (though this will bubble in my head for some time) is that most predators are brighter than many people doing admin work and we still need them to be able to find the systems... ;o)
Raise your hand if in the last year you saw a Post-it with a password on it? Keep your hand up if you did anything about it like ripping it up and talking to the person? If your hand went down, was it yours by any chance? How many people now see a security problem and shake their head and say, wow that isn't good but there isn't anything I can do about it and then continue on your day. That is the kind of stuff that really needs to stop.

joe

--
O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
Sent: Tuesday, August 01, 2006 3:28 PM
To: [email protected]
Subject: Re: [ActiveDir] 80/20 ..... Was: Read-Only Domain Controller and Server Core

On a totally serious note to Joe's tongue in cheek posting....

Go to a zoo(1).. and you'll hear stories of how each animal has natural 'protection' from their predators. Each animal has evolved to ensure they have some level of camouflage in the way of color/features etc so that when their predator targets them they attempt to blend into the background.

Some plants and animals depend on other plants and animals to survive. There's a unique falcon that will only nest in leftover "Weaver bird" nests.. they don't build their own..but by moving into a Weaver bird area, they act as "bouncers" at the door and keep out the predators that prey on the Weaver birds.

Given that "here's what nature does to protect itself".... what (if anything) has the computing industry done to "camouflage" to reduce risk?

(call me wacko) but it seems to me that we do a lot of "football"ish type of security models.. offensive moves and defensive moves. (Isn't RODC a defensive move?) Do we and can we add lessons from nature into future networks?

(1) Lessons learned from camping in a zoo...yes.. this high maintenance female stayed in a tent in a zoo... if you are going to be without power and electricity.... camping in a zoo at the San Diego Zoo's Wild Animal Park's Roar and Snore is the way to do it.....

Matt Hargraves wrote:
> Joe's blog doesn't seem to say anything about what DSI actually *is*.
> I'm not seeing it as a security model beyond my impression of it being
> "Don't tell anyone what your security infrastructure looks like" or
> something like that.
>
> On 8/1/06, *Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]*
> <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote:
>
> > Isn't DSI being discussed in great detail at Blackhat starting
> > tomorrow.. or am I mistaken and just thinking about the blog post
> > again?
> > http://blog.joeware.net/2006/07/11/445/
> >
> > Brett Shirley wrote:
> > > I've always followed a DSI[1] access model, it definitely supersedes in
> > > every way what RBS[resource], RBS[role], ABS, CBS, NBC, ABC can provide
> > > ...
> > >
> > > [1] DSI = Defending Security Infrastructures
> > >
> > > -B

List info   : http://www.activedir.org/List.aspx
List FAQ    : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
