Slashdot Mirror


Inside Symantec's 'Security Center'

dipfan writes "There's a fascinating view looking at Symantec's Virginia security centre, where the company defends its corporate clients' networks against those wicked hackers. Scary quote from the Washington Post article: 'The Alexandria facility is a private, miniature version of the kind of public Internet-monitoring capability the Bush administration wants the federal government to develop to protect the nation's electronic infrastructure.'"

12 of 225 comments

  1. This is as it should be by ajs · · Score: 5, Insightful

    Well, if you were trying to stay one step ahead of the people breaking into systems, wouldn't you have a network with a bunch of honeypots and as much logging as you could manage?

    This is basic network security practice, no?

    1. Re:This is as it should be by Anonymous Coward · · Score: 1, Insightful

      Bullshit. If there is a honeypot on my network it can draw hackers away from the critical stuff giving me the chance to notice their activity before they cause too much trouble.

  2. Heh... by Pig+Hogger · · Score: 5, Insightful

    The best corporate security policy starts by not boasting about the security procedures. Not for security by obscurity, but simply not to boast and make oneself a target for crackers.

    1. Re:Heh... by n3rd · · Score: 5, Insightful

      Then again, the best source of network intrusion data is to boast about the quality of your security and then sit back and log the results :-)

      This is just a honeypot network, which if you think about it, is the only reasonable way for them to get the information they need on network intrusion.


      Actually, this more than likely won't work too well.

      Their company says "We're a security company, come own our network!". What will happen? All the script kiddies will hit it, probably DoS it some and nothing new will be learned.

      The people who have new, unreleased or self created exploits and techniques won't hit the network because they know they are being watched. If they did they would in a sense be helping the enemy. If you were a blackhat would you try to own a self-proclaimed honeypot that belongs to a network security company and let them learn your secrets? I wouldn't.

  3. "Security Events" by Logic+Bomb · · Score: 4, Insightful

    Not that they're irrelevant to hacking by any means, but "security events" probably includes every time a ping attempt passes into the network. Saying they detect 15,000 "security events" per day is pretty good propaganda from a company looking to attract clients.

  4. Need to balance by Anonymous Coward · · Score: 2, Insightful

    Symantec needs to balance security concerns against the need to drum up business. This article was positive press, and doesn't give crackers anything substantive to work with. Seems fine to me.

  5. Empty out your pockets by DJSlashDotDJ · · Score: 2, Insightful

    "Inside a cavernous room on the first floor there, security analysts for Symantec sit in long, curved rows 24 hours a day, working on computers and facing a wall of theater-size screens."

    I guess regular firewalls can't protect the millions of bugs in Windows from being exploded anymore. Hmmm, pay "Mid-size companies typically pay Symantec $1,000 to $2,000 a month" or switch to a more secure free OS?

  6. scary - use encryption by Anonymous Coward · · Score: 5, Insightful

    This is a strong commentary on why you should use encryption all the time:

    If data is transmitted, she can see that, too -- and not only when it is moved by outsiders. Symantec has caught insiders improperly sending pre-merger details and pre-earnings data and has reported those findings to the employees' bosses.

    Of course, where I'm employed, it is company policy that you can be terminated on the spot if you use encryption (for example, encrypting your email or files - I wonder if this applies to using a compression algorithm which sort of encrypts it. Or if you compress files and lock them with a password).

    1. Re:scary - use encryption by Glytch · · Score: 4, Insightful

      Maybe the banning of encryption at your workplace has more to do with the "what if the only person with our critical data gets hit by a bus?" kind of scenario. That was the rationale at one job I worked at, I'm wondering if it's commonplace.

  7. Re:scary quote? by StevenMaurer · · Score: 4, Insightful

    I'm a Democrat, and no fan of the Bush administration, but this comment is certainly not Flamebait.

    The concept of catching people who deliberately intrude into other people's systems is much different from general snooping on people who are going about their daily business. Honeypots are not the problem. It's systems like Carnivore we need to be worried about.

  8. Re:Inside Linux's security center by 1lus10n · · Score: 2, Insightful

    noobs tend to believe linux is perfect.

    but that's not true, it has its flaws - but the point is that even in the worst case the flaws are fix(ed)able. and usually within a few days.

    however windows has a history of taking MONTHS to patch holes. and their holes are a hell of a lot easier to exploit.

    i do not care if some lazy dipshnnnt doesn't turn off sendmail (spam) or make sure he is running an updated version of ssh or apache. couldn't care less. what i do care about is that *I* can update it. and *I* can turn it off. and that *I* don't have to sign some EULA saying i have to give up my soul for a patch that shouldn't even require a EULA !

    --
    "Two things are infinite: the universe and human stupidity; and I'm not sure about the universe." --Albert Einstein

  9. Advertising in the Guise of Reporting by sweatyboatman · · Score: 5, Insightful

    They make it sound very Gibson-esque in there. But it's not clear what these people are actually doing (except raking in millions of dollars). They have fancy displays and lots of data mining, packet sniffing and tracing technology and they're preventing... What? Well, nobody really knows.

    Smoke and mirrors. Meanwhile you're being pumped for thousands a month. The price is quoted right in the article. A couple thousand a month seems reasonable. After all those Bulgarian hackers are vicious!

    If you're interested in that then let me tell you about my company.

    I've started a ghost-busting business. Using specially developed anti-ghost technology I am able to monitor minor disturbances along the walls of your house. From my Central Office of New Ghost Activity Monitoring Equipment I have been detecting thousands of intrusions each day! With the patented Spectral Tracking Universal Psychic Intrusion Detector, I can see all over the world and into the cosmos to detect super-natural invasions even before they occur.

    Ah! Even as we speak a spectral invasion fleet masses in Zaire to invade your kitchen!

    SweatyB

    --
    It breaks my pluginses, my precious!