Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
Security /

Lying to hackers is okay by me: Part 1 of 9

Related linksToday's breaking news
Send to a friendFeedback

Sign up to receive this and other networking newsletters in your inbox.

By Winn Schwartau
Network World on Security, 06/09/99

"All warfare is based on deception."
-- Sun Tzu

"In war (conflict), truth is so precious, it must be protected by a bodyguard of lies."
-- Winston Churchill

"Make a noise in the East and attack in the West."
--Anonymous Chinese

I believe in lying. Sort of. Let me explain. The bad guys will do anything they can to get you. You know that and it doesn't seem quite fair. They get to cheat, and you, as a network or systems administrator working for a real company, have to play by the rules.

The bad guys can lie. They can use verbal social engineering or hard copy social engineering or pull any sort of nasty trick they want to break into your networks or otherwise try to make your life miserable.

But there are some innovative means to defend our networks, if we just apply some common sense.

  • You goal is reduce the amount of time the bad guys have to attack you.
  • You want your detection and reaction mechanisms to be as fast as possible.
  • You may choose to invite the attacker to stay around for a longer period of time to give you more opportunity to collect forensic evidence and/or identify him.

All I'm saying is that we should create an even playing field. "Do unto others as they do unto you," and in cyberspace and infowar, such logic makes impeccable defensive common sense. If the hackers lies to you, why shouldn't you lie right back?

There is a way. It is your right and defensive duty to:

  • Lie to your adversary.
  • Deceive him in any way possible.
  • Force him to waste time/resources.
  • Make his attacks a much riskier proposition.
  • Protect your assets by the same means he attacks yours.
  • Use automatic responses and hands-off management
  • Apply time-based security concepts.
  • Use Deception.

Winn Schwartau is a security maven, writer and speaker. His recent book "Time Based Security," creates a new paradigm for measuring and quantifying security in any network. His hit books include "Information Warfare" in all three editions. He owns www.infowar.com, the worlds' biggest site for security and information warfare. His team provides extensive security consulting on three continents. In addition, he is a popular, inventive and exciting speaker a boon to any event. Winn can be reached at winn@infowar.com or (727) 393-6600.

RELATED LINKS

Kosovo cyber-war intensifies
Network World, 05/12/99

The security specialist
Network World, 05/10/99

Start-up puts hackers on BlackICE
Network World, 04/21/99

NATO reinforces against 'Net attack from Serbs
Network World, 04/02/99

Striking back
Network World, 01/11/99

Archive of Network World on Security newsletters


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.