Web security wholly inadequate, company claims

Mark Fabro, head of the professional services division of Secure Computing, said that companies were woefully ignorant about security, not only with the Internet, but at every level, including operating systems. The company numbers intelligence agencies and other blue chip firms as its clients. "Web servers across the world are currently being compromised and you only ever see two per cent of the problem," said Fabro. Large companies, military organisations and banks moved swiftly to cover up such breaches, he claimed. And the problem also applies to operating systems too, he said. "NT can be made secure but not clean out of the box," he said. "Modifications must be made." But the problems applied to all operating systems. "Linux is as bad as NT but in different ways," he claimed. He said that current firewall solutions which did not use "hardened kernels" were fundamentally insecure. "You have to take an OS, get a licence for the code, manipulate it and re-write it, ripping out everything you don't need," he said. The company has just opened a UK wing of its services division. ® Click here for more security breaches Click for story index