A Contrarian's Viewpoint

Dec 1, 2006 12:00 PM, By Sandra Kay Miller



Speaking about the trend among organizations to converge physical and logical security, Marcus Ranum sees the push for network integration of physical security measures as part of the usual hype curve. “I don't see anyone doing much of anything, but what they are talking about is having their door keys going into their System Information Management System (SIM) and all that kind of stuff,” he says.

“This whole idea of integrating security sounds really good on paper, but really to do any kind of useful integration it's got to make sense,” Ranum adds. “It's got to actually somehow help. I know I sound cynical, but I just don't see how all this convergence is going to help anything.”

Who is Marcus Ranum and why should we listen to his contrarian's viewpoint? He's the inventor of the proxy firewall. He's an innovator of intrusion detection technology. He's the “Godfather of hacking.” When it comes to IT security, there is no denying he knows his stuff.

Currently, he is the chief security officer at Tenable Network Security (www.tenablesecurity.com), a Columbia, Md.-based company known for Nessus, its vulnerability scanner product. Ranum has worn many hats since entering the security industry in 1989 when he built one of the first commercial firewalls - the DEC Seal - and invented the proxy firewall.

Ranum's approach to risk management has always been integrated and proactive to allow organizations to remain nimble in a rapidly changing environment. For him, the right way to integrate physical and logical security is to create an organization-specific audit team responsible for looking at building entries and exits, telephone and fax use, and Internet use (including system and firewall logs). Additionally, all those aspects taken together need a connection to human resources - so all access can be rapidly terminated for employees who leave or are dismissed.

“This is just bread-and-butter stuff, but I don't think anyone really comes close to doing anything like this today,” Ranum says, adding that this level of security would require a deep commitment (read: financial) to the process.

“When people are talking about integrating their SIM data and their logical and physical security, I think that's just a buzzword for putting it all in the same place so we can ignore it all at once,” Ranum continues. Since his early days at Network Flight Recorder (www.nfr.com) in Rockville, Md., Ranum has chided those who collect enormous amounts of information that is never used.

Ultimately, Ranum sees security as a social issue, not a technical one, since no amount of software or hardware is going to circumvent human nature. “People still do stupid stuff like click on links in spam and hold the door open for strangers going into a key-only building,” he says.

The President should have listened

As the digital age grew, so did Ranum's list of accomplishments. He built the Trusted Information Systems (TIS) Firewall Toolkit and Gauntlet Firewall. As an early innovator, Ranum's goal was not to create a new facet of the security industry, but to find an easier solution to existing problems.

As a well-known network security professional in the Washington, D.C. area, Ranum managed the President's e-mail server (whitehouse.gov). Despite his urging to procure the whitehouse.com domain, Ranum's advice was ignored. Someone purchased the domain and used it to host an adult entertainment and political lampoon Web site.

A self-avowed dilettante, Ranum moved beyond firewalls, focusing his talents on intrusion detection systems (IDS). He designed the original NFR IDS and served as NFR CEO. “Accurate intrusion detection is a key element to the successful future of network security, and it must grow continuously to meet the ever-changing dynamics of network attacks,” Ranum says.

Maintaining that conviction, Ranum left NFR after several years to research holistic approaches to security, to consult for Fortune 500 companies and government agencies and to work as a lecturer and educator at technology conferences throughout the world.

In 2001, Ranum's contributions to the security industry were recognized. He was awarded the Transportation Security Information Clearinghouse (TISC) “Clue” award for service to the security community and the Information Systems Security Association (ISSA) Lifetime Achievement Award.

Additionally, Ranum has shared his knowledge through his collaboration on two well-regarded technical titles, the Web Security Sourcebook (Wiley 1997) and Host Integrity Monitoring Using Osiris and Samhain (Syngress 2005).

However, in 2003, Ranum took a step back and offered a critical review of not just network security, but national security, in his book The Myth of Homeland Security (Wiley). He railed against the idiocies of immigration, airline security, the media, the government and fear mongering. He wrote, “the most dangerous attacks come from inside,” citing examples that included corporate espionage, Oklahoma City, Ruby Ridge and the attacks on Sept. 11. In the book, Ranum points out that the terrorists who boarded the planes “were authorized individuals who were validated by the system,” because they used Virginia drivers' licenses.

A dynamic and entertaining speaker, Ranum frequents technology conferences, including USENIX Security Symposiums, SANS Institute Conferences, BlackHat Briefings, the NSA Conference, Computer Security Institute (CSI) Conferences and INTEROP, offering his take on the state of security.

To maintain his sanity (as he says), Ranum is an avid photographic artist with an eye for an eclectic mix of subject matter including nudes, landscapes, still-lifes and rubber chickens. He prefers to work with traditional black-and-white, including developing his own film. Lately, Ranum has enjoyed exploring the digital realm with his Fuji FinePix S3 Pro and Adobe Photoshop.

Earlier this year, he purchased a 1950s-era schoolhouse near his home, where he is building darkroom facilities and gradually transforming it into a studio. “The rooms are huge and I even have my own playground with a basketball hoop,” he says.

Ranum and his wife, Katrina - an accomplished farrier and saddle maker - live on their farm in Morrisdale, Pa., along with an assortment of horses, dogs and a new batch of kittens.

© 2008 Penton Media Inc.
