Date: Sat, 4 Sep 2004 10:07:36 -0400 (EDT)
From: vxp
To: Colin Alston
cc: freebsd-net@freebsd.org
Subject: Re: fooling nmap

no. obscurity as the _only_ "security" is no security.
there's nothing wrong with ADDING obscurity, however.
=)

--Val

On Sat, 4 Sep 2004, Colin Alston wrote:

> vxp wrote:
>
> >pretty much any sort of attack / intrusion attempt begins with information
> >gathering on the machine. part of that, would be trying to figure out what
> >OS runs on the machine. the more (accurate) information a potential
> >attacker can gather on the machine, the more chances that his attempt will
> >succeed. obviously, even with this change in place, you'd need to do some
> >other things so as to prevent this for example:
> >
> >$ telnet localhost 22
> >Trying ::1...
> >Connected to localhost.digital-security.org
> >Escape character is '^]'.
> >SSH-1.99-OpenSSH_3.6.1p1 FreeBSD-20030924
> >                         ^^^^^^^^^
> > banners all over need to be changed
> >
> >but nevertheless, it'd be a step in the right direction in my opinion
> >
> >
>
> A great man once said to me "Security by obscurity is, after all, no
> security at all."
>
> This is very much a step in the wrong direction.
>
> --
> Colin Alston
>
> About the use of language:
> "It is impossible to sharpen a pencil with a blunt axe. It is
> equally vain to try to do it with ten blunt axes instead."
> -- E.W.Dijkstra, 18th June 1975. (Perl did not exist at the time.)
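
An added example, not part of the original thread: a small Python audit of what the SSH identification string quoted above discloses, parsed into the fields RFC 4253 section 4.2 defines. The `OS_TOKENS` list and the function names are assumptions made for this illustration.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF"
IDENT_RE = re.compile(
    r"^SSH-(?P<proto>[^-\s]+)-(?P<software>[^-\s]+)(?: (?P<comments>.*))?$"
)
VERSION_RE = re.compile(r"\d+(?:\.\d+)+")

# Assumed, non-exhaustive list of OS names to look for (not from the thread).
OS_TOKENS = ("freebsd", "netbsd", "openbsd", "debian", "ubuntu", "linux", "windows")


def parse_ident(line):
    """Split an SSH identification string into its RFC 4253 fields."""
    m = IDENT_RE.match(line.rstrip("\r\n"))
    if m is None:
        raise ValueError("not an SSH identification string: %r" % line)
    return m.groupdict()


def audit_ident(line):
    """List what the banner tells an unauthenticated client."""
    fields = parse_ident(line)
    comments = fields["comments"] or ""
    findings = []
    if fields["proto"] == "1.99":
        findings.append("protoversion 1.99: pre-2.0 protocol versions accepted")
    version = VERSION_RE.search(fields["software"])
    if version:
        findings.append("software version disclosed: " + version.group(0))
    for token in OS_TOKENS:
        if token in comments.lower():
            findings.append("operating system disclosed in comments: " + token)
    return findings


if __name__ == "__main__":
    # Banner quoted in the message above.
    for finding in audit_ident("SSH-1.99-OpenSSH_3.6.1p1 FreeBSD-20030924\r\n"):
        print(finding)
```

The comments field is the part of the banner an operator can normally change (in OpenSSH, through the `VersionAddendum` option in `sshd_config`).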