site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Broadband Tech > Security > Security > Security and Obscurity: Changing Daemon Ports

Search Topic:
 Share Topic
Posting?
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
AuthorAll Replies


Name Game
Premium
join:2002-07-07
North Myrtle Beach, SC
kudos:6

reply to Daniel

Re: Security and Obscurity: Changing Daemon Ports

Anything one can do to limit the attack surface can help. If you feel comfortable in Changing Daemon because you have weak layered Security..then go for it. But it does naught for the real issue.
--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/
to forum · permalink · 2008-03-16 08:11:32 ·


Daniel
Premium,MVM
join:2000-06-26
San Francisco, CA
3 edits

said by Name Game:

Anything one can do to limit the attack surface can help. If you feel comfortable in Changing Daemon because you have weak layered Security..then go for it. But it does naught for the real issue.
I was wondering when you would show up to bestow some wisdom. Let me just warn you, and the rest of the forum, that I'm no longer being gentle with you, NameGame. I apologize to the forum in advance.

You say, I'd only want to add hiding the port as a layer "because I have weak layered security". So exactly at what point does adding another layer of security mean that the previous layers were weak? Do you have an answer for that? Or to put it another way, what part of the M-1 tank's reactive armor is so weak that it "needs" to be painted to blend in with its surroundings? Or could it be that the U.S. Military knows more about security than you do?

Here, I'll give you the answer. The M-1's armor doesn't have to be weak for the tank to benefit from being camouflaged. Amazing, huh? Let me ask you this: what about invisible tanks? Would having a tank that could turn invisible increase its security? According to you it would not since it can still be hit with a random shot, i.e. it's still just as vulnerable were it to be hit. Do you or do you not see how foolish it is, however, to say that the tank being invisible would not help it stay alive longer? Same concept. In both the tank and the non-standard listener scenarios the attacks are being sent elsewhere!. It's an avoidance technique.

You think adding obscurity as a layer on top of existing layers is weak because you lack a grasp of many core security principles. What's most frightening is that you don't adjust your views when so many with more experience than you tell you that you're wrong. That's a dangerous state of mind, especially for someone who lurks in forums designed to help new users.

I ask you to reconsider your view of layered security. I've seen you be quite knowledgeable in other areas, but you honestly, on this particular matter, have no idea what you're talking about.
--
dmiessler.com -- grep understanding knowledge
to forum · permalink · 2008-03-16 12:42:22 ·
Forums > Broadband Tech > Security > Security

Tuesday, 29-May 14:32:58 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online © 1999-2012 dslreports.com.
Most commented news this week
Hot Topics