Date: Sat, 04 Sep 2004 17:38:49 +0200 From: Colin Alston <karnaugh@karnaugh.za.net> To: vxp <vxp@digital-security.org> Cc: freebsd-net@freebsd.org Subject: Re: fooling nmap Message-ID: <4139E189.5080409@karnaugh.za.net> In-Reply-To: <20040904094619.H37469@digital-security.org> References: <20040904093042.B37306@digital-security.org> <4139DCF0.7070008@karnaugh.za.net> <20040904094619.H37469@digital-security.org>
next in thread | previous in thread | raw e-mail | index | archive | help
vxp wrote: >pretty much any sort of attack / intrusion attempt begins with information >gathering on the machine. part of that, would be trying to figure out what >OS runs on the machine. the more (accurate) information a potential >attacker can gather on the machine, the more chances that his attempt will >succeed. obviously, even with this change in place, you'd need to do some >other things so as to prevent this for example: > >$ telnet localhost 22 >Trying ::1... >Connected to localhost.digital-security.org >Escape character is '^]'. >SSH-1.99-OpenSSH_3.6.1p1 FreeBSD-20030924 > ^^^^^^^^^ > banners all over need to be changed > >but nevertheless, it'd be a step in the right direction in my opinion > > A great man once said to me "Security by obscurity is, after all, no security at all." This is very much a step in the wrong direction. -- Colin Alston <karnaugh@karnaugh.za.net> About the use of language: "It is impossible to sharpen a pencil with a blunt axe. It is equally vain to try to do it with ten blunt axes instead." -- E.W.Dijkstra, 18th June 1975. (Perl did not exist at the time.)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4139E189.5080409>