Pay it forward: Wrap Up
Table of contents for pay-forward
So today is the last day of the ‘Pay It Forward’ experiment. I’m not sure what the other guys saw on their sites but I did see a fair amount of interest in the tips, so I hope they were helpful to some.
Anton Chuvakin at Chuvakin.blogspot.com joined in the fun and posted a tip today about turning up logging on your machines. He had a great point that a majority of the time you’ll benefit by being able to troubleshoot the common annoyances like spyware, crashes, etc. He has some good posts, check him out.
My last tip of the week is about basic security. To illustrate I’m going to use this awesome security tool I found called “Storm The House 2” by IvoryDrive.
Okay, so it isn’t a tool but it is a cool game that I’m going to use to ramble on for several paragraphs.
In the game, the house is your network, which you are tasked to defend. You get an actual budget that increases over time and you can spend your money on whatever you want in order to defend your house (network). As time progresses you are attacked by more and more determined and steely enemies who wield the standard tools of the trade; swords, rifles, jeeps, rocket launchers, tanks, and even suicide bombers. Your job is to put a bullet in all their heads. You gotta love security!
Here’s how the analogy works:
The wall is your firewall. You can upgrade it three times. The basic wall defends somewhat efficiently but can’t fend off everything forever so usually the first thing I buy is a wall (firewall) upgrade.
Craftsmen are incident handlers and are expensive. Therefore you can’t afford one until you’ve had time to build up other security. Once you have a good security foundation in place you can start hiring craftsmen (incident handlers) who repair damage to your infrastructure (wall and house).
Gunmen are your patch management system. They help prevent the enemy from being able to attack your infrastructure. The better your patch management system (the more gunmen you have) the fewer threats actually exploit the system.
The missile silo would be UTM. Its expensive, costly to maintain, but as Samuel Jackson says “If you absolutely have to kill every last motherf*cker in the room, accept no substitue.”
Lastly, there’s you, the shooter. The various weapons you can buy are tools of the trade that you use on a daily basis and I have to say the grenade launcher is by far the coolest (until you have tanks down range, then you need the sniper rifle).
So there you have it. A cool game that you’ll waste time playing all in the name of security. 
Firstly, that’s a great analogy. Secondly, for the Samuel Jackson quotation, you get the best use of my favorite phrase on a blog entry.
Lastly, UTM expensive and costly to maintain? We should talk about that, because I need to understand this generalization.
I have to respond with a Pulp Fiction quote of my own because sometimes you just need a missle silo…and the last time I looked, it’s hard to take out a tank downrange with a sniper rifle
:
“Jules: We should have shotguns for this kind of deal.
Vincent: How many up there?
Jules: Three or four.
Vincent: That’s countin’ our guy?
Jules: Not sure.
Vincent: So that means there could be up to five guys up there?
Jules: It’s possible.
Vincent: We should have f**kin’ shotguns.”
Great post, Michael.
By Christoer Hoff on 08.04.06 11:31 am
Ahhh yes, the famous ‘trunk scene.’
And I guess it is hard to take down a tank with a sniper rifle, but in the game, its the quickest. =)
By Michael on 08.05.06 7:42 am
[...] the new “tradition” of posting a security tip of the week (mentioned here, here ; SANS jumped in as well), I decided to follow along and join the initiative. One of the bloggers [...]
[...] the tradition of posting a tip of the week (mentioned here, here ; SANS jumped in as well), I decided to follow along and join the initiative. One of the bloggers [...]
[...] the new “tradition” of posting a security tip of the week (mentioned here, here ; SANS jumped in as well), I decided to follow along and join the initiative. One of the bloggers [...]