Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL

Public Key Infrastructure > Public Key Infrastructure - Pg. 115

Defenses against Man-in-the-Middle Attacks 115 several Observation Point/Listening Points forward of the main defensive positions to give early warning of pending attacks. Additionally, early warning devices that trigger flares and noisemaking devices can also alert units to possible threats. In the information security world, these would be similar to the capabilities Intrusion Detection Systems (IDSes) provide. Early detection is vital to minimizing the impact of attacks, reducing potential losses. A secondary defensive measure for protecting the command post would be using physical barriers to impede swift movement of the enemy. These barriers can be landscape and terrain that form a nature barrier such as a hill or trench. In informa- tion security, they may be equivalent to a well-placed proxy or firewall device. The goal of this line of defense is to slow attacks or at least to make it very tedious to perform them. Next we look at defenses that are a little closer to the command and control point. These would be razor wire, mines, and small-caliber weapons. (Although there are other layers of defense as far as military strategy is concerned, the goal of this example is to provide a general overview of strategies, not to make us all hardened military warriors.) These controls provide the last line of defense for the soldiers. In a networking environment, these can equate to desktop security such as malware