On Thu, 11 Sep 2003 01:03, Theodore J. Knab wrote: > Some of you might find this one interesting. > > In a world where IT security sometimes means keeping services out of > sight. Both Harvard and MIT advertise everything they have up and > running.
I don't think that letting people know which servers are online is a problem. If they are secure then it's fine, if they aren't then security by obscurity never did any good. However if someone wants to mount an attack that requires spoofing IP addresses etc, then having current ping times etc displayed can really make it a lot easier... -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]