From owner-freebsd-net@FreeBSD.ORG Sat Sep 4 17:50:30 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D5AB116A4CE for ; Sat, 4 Sep 2004 17:50:30 +0000 (GMT) Received: from blacksheep.csh.rit.edu (blacksheep.csh.rit.edu [129.21.60.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8B8B043D1D for ; Sat, 4 Sep 2004 17:50:30 +0000 (GMT) (envelope-from wxs@csh.rit.edu) Received: from fury.csh.rit.edu (fury.csh.rit.edu [IPv6:2001:470:1f00:135:a00:20ff:fe8d:5399]) by blacksheep.csh.rit.edu (Postfix) with ESMTP id 8547A90C0; Sat, 4 Sep 2004 13:50:29 -0400 (EDT) Received: by fury.csh.rit.edu (Postfix, from userid 44963) id 407F8147C; Sat, 4 Sep 2004 13:50:29 -0400 (EDT) Date: Sat, 4 Sep 2004 13:50:28 -0400 From: Wesley Shields To: vxp Message-ID: <20040904175028.GA25772@csh.rit.edu> References: <20040904093042.B37306@digital-security.org> <20040904100640.E37469@digital-security.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040904100640.E37469@digital-security.org> User-Agent: Mutt/1.5.3i cc: freebsd-net@freebsd.org cc: Colin Alston Subject: Re: fooling nmap X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Sep 2004 17:50:31 -0000 On Sat, Sep 04, 2004 at 10:07:36AM -0400, vxp wrote: > no. obscurity as the _only_ "security" is no security. > there's nothing wrong with ADDING obscurity, however. =) > > --Val That is true, but the problem with these kinds of things is that users will think that with a simple flip of a sysctl they are secure, when in fact that are no more secure than before. If you are truely concerened with security there are many better things you can do to tighten your box down. With that said, this would certainly be a fun exercise. -- WXS