- 论坛徽章:
- 0
|
|
From: Bob Geiger <geiger@areaplg2.corp.mot.com>\r\nSubj: Internet attacks\r\nOne of the important points is how the Internet changes the standard attack cost/distance model. Given a value of X it would take an attacker Y dollars to break into my physical world stuff. The farther the attacker must travel in physical space the higher the cost to him. So unless you have the Hope Diamond in your basement you can probably assume criminals will be drawn from a limited pool. Furthermore they actually have to purchase tools and the threat of being caught (or shot) is a real one. Now in the Internet this cost/distance ratio is gone. Suddenly anyone, anywhere, can attack your systems. Furthermore the availability of free tools limits the investment required, and the difficulty in tracking down attackers compounds the problem. Another problem is that when it becomes easy and relatively risk free to poke around so many systems information deemed of limited value may add up to help in breaking into much more valuable systems. So we end up needing a far, far greater level of security as related to system value than in \"physical space.\" I think many people have a hard time understanding this difference and this is why warnings on Internet security are sometimes viewed as alarmist.\r\n\r\nfrom counterpane.com February 15, 1999 issue of Crypto-Gram newsletter Comments section |
|
免费注册
发表于 2002-10-08 00:56
