Latest software headlines from Network World:
Oracle integrates CRM On Demand with Siebel
Mozilla extension would tap into typed commands
iPhone fantasy football draft tools
|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
The forest for the trees syndrome.
Yet again, short sighted recommendations leaves the readers worse off. Regardless of how easy or prevalent ARP poisoning may be, it's still one of numerous threats every network faces. Again, without the benefit of any baseline expectation and knowledge of what's happening on the network, you may as well not even give two hoots about security because all you're doing is reacting to the next fire-fighting event.
The idea that anyone can reasonable keep tabs on a hundred different alarm events and claim to be proactive is laughable. For every event that triggers an alarm, how many other trends are occurring just under a threshold that pose a serious problem? People have become so indoctrinated into technology doing their work for them it's bred a level of incompetence into the main stream. Now everyone is spending money on all these expensive systems and correlation thingies believing that they're somehow more secure. Phttbhbhbthththth! Nonsense.
Looking for ARP poison out of all the potential things that could happen (open ports, rogue machines, unauthorized file uploads, traffic contention, routing problems, abuse) is like fork lifting an entire network just because someone suggests that it makes sense. And if the executive team really knew what was happening would IT budgets continue to grow?