D wrote: >>>I'd go with the idea, Security through obscurity, Isn't such a bad idea, >> >>No, you are right, it isn't such a bad idea. It is a terrible idea. > > > On its own, yes it is. Coupled up with regular patching of security holes, > monitoring of logs, a good IDS that is setup to mail/page you, correct > configurations, and a good background on security, it is actually useful.
You are right. It would seem that we are arguing about different things, then. My claim that StO is a bad idea was based on the scenario that it is the first (and in some cases, only) trick used to "secure" a box. That is what I thought the discussion was about. > Which only goes to prove how you have skipped studying current trends. Don't > take it personally, but any admin who does that, is a graver danger to his > network, than the most skilled cracker. I think this bit of flamage is a bit unjustified, but I will let it go. > Heard of a couple of exploits for openssh ? And openssh is widely used. Ever > heard of this little script called sshscan/sshdscan ? Go take a look at the > source. Sure. I am familiar with both the exploits and the scripts. But do I let ssh in through my firewall from anywhere? Certainly not. The point here is that a good firewall config, combined with an IDS of some sort and some good common sense, is a much better way of protecting your stuff than suppressing a few banners and pulling the security blanket over your eyes. And *that* is what I have been trying to say. Sorry if I was not clear enough. And I still stand by my claim that the vast majority of script kiddies' tools ignore banners and just try the exploits. -- Josh Glover <[EMAIL PROTECTED]> Associate Systems Administrator INCOGEN, Inc.
