The following are hot spots for security researchers to focus on and infosec pros to worry about:
- Protocols that support internet infrastructure, like DNS and BGP.
- Web servers
- Database listeners (if you own a web server, pivot off it and this is the next stop out of the DMZ; also, all the data is in there :)
- Protocols you just can't turn off or block if there is a worm, like SMB
- Middleware and anything that transmits a password - if it's not encrypted, it's no good.
- Crazy virtualisation near trust zone boundaries - misconfigure vMotion or the SAN, or load the wrong VM, and you could have a database on the net
About Me
- Matthew Hackling
- Matt runs his own security consultancy called Ronin Security. His focus is information security management and he has a keen interest in infrastructure and web application security. He's a CISSP and the current Branch Executive of the Melbourne chapter of the Australian Information Security Association.