Humm. . . speaking of a bone or two to pick. . .I'll have to disagree with
you.
Camouflage is a legitimate countermeasure. You cannot attack what you
cannot see. It certainly shouldn't be the only measure (and Mikael didn't
indicate that) but it does reduce risk. Your comments seem to indicate
otherwise and might very well discourage people from using camouflage
techniques that are actually benefitial.
"Be careful what you wish for, it might come true!"
> -----Original Message-----
> From: Adrian Close [SMTP:[EMAIL PROTECTED]]
> Sent: Monday, June 21, 1999 10:09 PM
> To: Mikael Olsson
> Cc: [EMAIL PROTECTED]
> Subject: Re: Security 101 crash course
>
> Hi Mikael,
>
> I don't mean to beat on you too much for the offering up of useful
> knowledge, but I must pick a bone or two with you... ;-)
>
> On Mon, 21 Jun 1999, Mikael Olsson wrote:
>
> > This is heavily geared towards NT, seeing that
>
> I don't think it should make much difference. In my view, the same basic
> security principles apply regardless of OS. Of course, the practical
> solutions may differ... ;-)
>
> > it's the operating system of choice for new people,
>
> Do you really think so?
>
> > 1. Hide as much information as possible
> > (in this context, as few publicly accessible IPs
> > as possible)
>
> "Security through obscurity is no security."
>
> > If you have the ability to disguise your web server's
> > address through means of static adress translation,
> > do so. See rule #1.
>
> See rule #1. ;-)
>
[snip]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
