Hacking The Security Infrastructure - DarkReading
It is interesting to note that now we've moved from hacking OSes, to hacking applications, to hacking security consoles. This goes to show that you can find security holes in just about anything. You can't assume that anything is secure, by default, or within a single protection mechanism. The key is "defense in depth" and separation of key user and management systems. There's no way to protect yourself 100%, but you should make it challenging to get to those management systems that are monitoring and/or maintaining the security infrastructure of the organization.
Coincidentally, when looking for an image to use for this post, I ran across a different discussion of hacking the physical infrastructure in Linux Journal that's an easy, thought provoking, 1 page read.
Post a Comment