The Simplest Way to Guarantee System Security: It’s Not a Product – It’s a Setting!

We are all familiar with the idea of “garbage in, garbage out”. This neat little couplet reminds us to be careful with what we download to and install on our computer’s hard disk. Using the human body as a metaphor for computer technology is not new. I’d like to expand on this metaphor to explain an important concept we would all benefit from understanding. Your system security may depend on it!

Imagine I have a fictitious friend Bob. He will eat anything that is placed in front of him. He will not only eat any food item, including exotic offerings such as fried arachnids and bovine testicles, tongues and brains, but he will also eat things that were never intended for consumption, such as wood chips, smooth rocks, colorful plastics, etc. There is nearly nothing he would not eat; in fact he would eat something from every category of items found on planet Earth. Bob is on a default permit diet. His rule is that he will eat literally anything once, and only after eating something does it get placed on a list of things he will no longer eat, if he desires to place it there. As a result of his extreme diet, he is a frequent customer of his local emergency room and his insurance provider has dropped him as a client. He is at high risk of any number of illnesses and requires surgery on a pretty regular basis. How long can Bob sustain this?

Bob is now growing older and no longer wants to live with the pains and financial consequences of a dangerous diet, so his “do not eat” list is becoming extensive. It includes food items which are growing mold, items with sharp edges, things harder than his teeth and anything with explosive or flammable properties. He doesn’t rule out any complete category but painstakingly writes down every item that is not yet listed. Though Bob doesn’t show much evidence of learning from his mistakes, he is very organized and appears to be capable of remembering all of the items on his list. Needless to say, maintaining, adding to and memorizing the list takes up much of his time and energy, and it never guarantees that he will avoid another catastrophic gastric event from eating something he has not yet identified to be bad for him. Now would be a good time to point out that Bob, based on this behavior, is not sane. Most would agree that this sort of approach would not be sustainable over time. Eventually, Bob will pay for this method with his life.

This is an admittedly extreme and graphic example, but this is what your computer’s firewall is doing right now. It is set to default permit, which means that the door is open to everything except the items on a very long list of things to block. I imagine many of you are asking why firewalls are set up that way. The answer is that default permit is easy and cheap, at least at first. Programmers and administrators use default permit because they can roll out the new software or network quickly without spending money and time on front-end quality. They can do it because, at this point, nobody expects anything else – most people are not even aware of the alternative.

Stepping back into our dietary metaphor for just a moment might be helpful. You and I can quickly see that most people use a much more intelligent approach to deciding what they will and will not eat. Most people have an unwritten list of things they like to eat and will only cautiously add new items to it. If there were people actively trying to poison our food, we might actually take the time to write the list down. In this scenario we would have a “Default Deny” approach. In other words, we would only permit those things on our list, which, by the way, is a very short list compared to the one Bob had to maintain. In addition, our default deny list (the list of things to allow) could be shortened with rules like, “I will eat chicken as long as the head is not still attached and the feathers are removed and never when it has been sitting out all day or has been undercooked”. This would allow for whole categories of items to be allowed as long as they met our predetermined criteria – not every single item would need to be listed. Consider, though, that even if every item were listed for both types of lists, the allow list would be infinitesimal compared to the mammoth deny list. So, if we set up our computers similarly to the way we choose our diets, we would avoid all those metaphorical treatment regimes, emergency surgeries, painful and bewildering maladies and probable organ transplants.

What is the moral of this story? Rather than spending all the time, money and headache listing and blocking all of the “badness” that does exist and will multiply in the world, simply take the time to list all of the “goodness” you want to allow and nothing else will be permitted to run. This sounds simplistic, and there is a lot of background work required with such an approach, but that’s the basic idea. Using default permit and enumerating badness is, by its nature, problematic and will never result in fully dependable security. Taking the time to enumerate goodness and setting your system to default deny is the only way to ensure security.
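The difference described above, as an added Python sketch that is not part of the original post: a first-match rule evaluator runs the same constructed inbound connections through a default-permit block list and a default-deny allow list. The ports, addresses and the admin subnet are assumptions chosen for illustration, not settings from any real firewall.

```python
# Added illustration: constructed rules and traffic, not a real firewall's config.
from ipaddress import ip_address, ip_network

def evaluate(rules, default, conn):
    """First matching rule wins; otherwise the policy's default action applies."""
    for action, proto, port, source in rules:
        if (conn["proto"] == proto and conn["port"] == port
                and ip_address(conn["src"]) in ip_network(source)):
            return action
    return default

ANY = "0.0.0.0/0"
ADMIN_NET = "10.0.5.0/24"   # hypothetical admin subnet (assumption)

# Default permit: enumerate badness, let everything else through.
DEFAULT_PERMIT = ("allow", [
    ("deny", "tcp", 23, ANY),     # telnet
    ("deny", "tcp", 445, ANY),    # SMB
    ("deny", "tcp", 3389, ANY),   # RDP
])

# Default deny: enumerate goodness, with criteria attached to each entry.
DEFAULT_DENY = ("deny", [
    ("allow", "tcp", 443, ANY),        # public HTTPS
    ("allow", "tcp", 22, ADMIN_NET),   # SSH, but only from the admin subnet
])

# Constructed inbound connection attempts.
TRAFFIC = [
    {"proto": "tcp", "port": 443,  "src": "198.51.100.7"},  # wanted
    {"proto": "tcp", "port": 22,   "src": "10.0.5.20"},     # wanted
    {"proto": "tcp", "port": 22,   "src": "198.51.100.7"},  # SSH from outside
    {"proto": "tcp", "port": 445,  "src": "198.51.100.7"},  # on the block list
    {"proto": "tcp", "port": 6379, "src": "198.51.100.7"},  # on nobody's list
]

def compare(traffic=TRAFFIC):
    """Return (conn, verdict under default permit, verdict under default deny)."""
    rows = []
    for conn in traffic:
        permit = evaluate(DEFAULT_PERMIT[1], DEFAULT_PERMIT[0], conn)
        deny = evaluate(DEFAULT_DENY[1], DEFAULT_DENY[0], conn)
        rows.append((conn, permit, deny))
    return rows

if __name__ == "__main__":
    for conn, permit, deny in compare():
        print(f'{conn["proto"]}/{conn["port"]:<5} from {conn["src"]:<13} '
              f'default-permit={permit:<5} default-deny={deny}')
```

The two connections that appear on neither list (SSH from outside and port 6379) are the ones that separate the policies: the block list lets them in until someone adds an entry, while the two-line allow list drops them with no further work.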

Now that we’ve identified the issue, how do we change our settings? Those directions will be specific to your system, firewall and network (if you have one), so I won’t attempt to give that information. If you’d like to look into setting up your firewall to default deny, you can check out this article for starters:

https://securosis.com/blog/network-security-fundamentals-default-deny/
