I’ve been in the IT security field for quite some time now. At one point, it became clear to me that “PARANOIA” indeed is the driving force of this business. Not so rudimentary I suppose, let me try to make my point clear.
For years, companies big and small, spend whopping amounts of moolah just to keep their systems safe from intrusion. I should know because that’s what I help prevent daily from 9 to 5. This urge to isolate essential data has been the response to today’s edge in every business.. Information, hiding and sharing portions of it thereof, dictates the rise and fall of any established system, may it be accounting, learning firms, documentation of newly developed technology or even a simple lists of contacts of people, name it. Every drop of leaked information may seem negligible for the source’s standpoint, but damn, how priceless would it be if a competing entity grabs a hold of it.
The “hole” that leaked the drop is discovered. “Exploitation of a flaw” has its own field of art. Like sharks agitated by the smell of even just a drop of blood, competition would crave to wanting more, until all there is left are bones and scavenged flesh.
On technical jargon, most of this “blood draining” happens on system entry and exit points called “ports”. Although there are other means, ports are basically the super obvious targets for attackers (eavesdroppers are of a safer species), these are where most of the data communication actions come to play. There are many, and all ports are numbered (port 20 is for FTP, port 80 is for HTTP etc.).There is an option however to just shut it all down, but what good is a system if its not connected to anything (duuhhh).
Systems cannot afford to disconnect itself from the world, doing so will make itself useless, just a pile of very expensive paperweight. On the other hand, it can and will be exposed to vulnerabilities if it communicates with other systems. Simply “belonging” to a network group or even being under a host server will require it to spill out at least some information about itself, and what it holds, and a part of what it can do sooner or later. Like some social groups are to people, networks require a piece of that connecting system, or an operation that it can perform, before it could really be integrated into the circle.
It’s basically a matter of which ports are to be left open, and which ones should be disabled. Even the safest of ports would fall on its knees if attacked using the right technique. That’s why administrators and businesses have been paranoid to what could and could not happen, information passing through is quadruple checked even if it involves unnecessary data. Costly protection schemes and devices are implemented at a whim, as restoration is impossible if attacks are carried out in just seconds. Outside threat or inside job, anyone can attack you.
There is no real fail-safe mechanism. Survival depends on seeing catastrophe before it happen. Intuition, doubts, and instinct, paranoia is indeed a great factor.
Now, what does that leave us with? Is information technology eventually gearing towards the spectrum of social engineering? Or are we just paranoid about it, too much that we treat situations happening around us as extensions of our subconscious minds.
Where are you right now?
Who have you been talking to?
What have you been saying?
Acceptance is not universal, nor it is absolute. All there is..is the truth that you are vulnerable. As the ironic saying goes, if you keep treating yourself as a loner, no one would care, because no one would know until you let them see that you are. That’s why no man is an island. It’s the risk that comes with communicating.
Which of your ports are open?
No Comments Yet
No comments yet.
Comments RSS TrackBack Identifier URI
Leave a comment
