I'm absolutely not advocating that anyone implement security through
obscurity, but would have to agree that some degree of obscurity can slow
down some attacks. However, it should be the VERY, VERY, VERY last thing
on your mind, and NEVER be relied upon as a means of protecting a network,
application, building or anything.

_________________________________________
John Daniele
Technical Security & Intelligence
Toronto, ON
Voice:  (416) 605-2041
E-mail: [EMAIL PROTECTED]
Web:    http://www.tsintel.com

On Tue, 4 Jun 2002, Kevin and Laura Brown wrote:

> You answer your own question.  Something as simple as changing banners can
> stop some automated scripts and keep out some wannabe script-kiddies.  You
> are right that it doesn't provide any *real* security, but it does help to
> stop some scripts and slow down some attackers.  And although it might be a
> small step, the more steps I can add to slow down an attacker, the better
> chance I have of keeping them out.  Maybe they'll get tired of peeling
> through the layers.  Maybe it thwarts a dumb script.  I run my webserver on
> a different port than 80.  It may not add any "security", but it keeps Code
> Red and Nimda from clogging my logs all day.
>
> Let's face it, most attacks come from script-kiddies looking for the weakest
> host, not real crackers targeting your domain.  And if modifying a banner or
> changing a port number keeps out one or the other, then it is worth it.
> I'll still use other means to beef up my *real* security, but every little
> bit helps.
>
> Brownfox
>
>
> -----Original Message-----
> From: Jay D. Dyson [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, June 04, 2002 9:57 AM
> To: Meritt James
> Cc: Pinsky Dan; [EMAIL PROTECTED]
> Subject: Re: security through obscurity (was: Re: remove apache os
> banner
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Tue, 4 Jun 2002, Meritt James wrote:
>
> > > ...but be advised: banner obfuscation provides no real security
> > > benefit.  Security through obscurity ain't.
> >
> > Nice filter to keep out the harmless...
>
>       If they're harmless, they are no threat.  If there is no threat
> from the beginning, then please explain the security benefit.
>
>       Besides, what good is it if a banner alteration turns away Joe or
> Jane Scriptkiddy if the next visitor is Nimda on rollerskates?
>
>       My assessment stands: security through obscurity ain't.
>
> - -Jay
>
>   (    (                                                          _______
>   ))   ))   .--"There's always time for a good cup of coffee"--.   >====<--.
> C|~~|C|~~| (>------ Jay D. Dyson -- [EMAIL PROTECTED] ------<) |    = |-'
>  `--' `--'  `-- I'll be diplomatic...when I run out of ammo. --'  `------'
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.7 (TreacherOS)
> Comment: See http://www.treachery.net/~jdyson/ for current keys.
>
> iD8DBQE8/MciGI2IHblM+8ERAjETAJ4smfidvaqEulcIPO87y0iaRAx0dgCgit3F
> lj4kiUDR0v/VQstnMuXcG+U=
> =sX9j
> -----END PGP SIGNATURE-----
>
>
>
