From owner-freebsd-stable Sun Mar 25 0:22:17 2001 Delivered-To: freebsd-stable@freebsd.org Received: from moek.pir.net (moek.pir.net [130.64.1.215]) by hub.freebsd.org (Postfix) with ESMTP id 4969937B719 for ; Sun, 25 Mar 2001 00:22:15 -0800 (PST) (envelope-from pir@pir.net) Received: from pir by moek.pir.net with local (Exim) id 14h5mv-00055w-00 for freebsd-stable@freebsd.org; Sun, 25 Mar 2001 03:22:13 -0500 Date: Sun, 25 Mar 2001 03:22:13 -0500 From: Peter Radcliffe To: freebsd-stable@freebsd.org Subject: Re: sshd revealing too much stuff. Message-ID: <20010325032213.H255@pir.net> Reply-To: freebsd-stable@freebsd.org Mail-Followup-To: freebsd-stable@freebsd.org References: <3ABD9014.E78871BC@duwde.com.br> <20010325015443.A29255@home.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010325015443.A29255@home.com>; from graywane@home.com on Sun, Mar 25, 2001 at 01:54:43AM -0500 X-fish: < X-Copy-On-Listmail: Please do NOT Cc: me on list mail. Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Graywane probably said: > Yes, it is security by obscurity and no, most people thinking about security > on the net do not believe it is an effective technique to secure a site. You > secure a site by: Security by obscurity is a bad thing to _rely_ on, but why make it any easier to get information which is useful ? The less a cracker knows about any system the more work/time it will take for them to break into it. Personally I only allow connections from hosts that need to connect to ssh, so the rest wouldn't see it ... but if I notice this extra info appearing on any of my machines, I'll get rid of it. It would be easier if it wasn't there in the first place. P. -- pir pir@pir.net pir@net.tufts.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message