-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oliver Antwerpen wrote: > > Steve schrieb: >> Le 07-05-2008, à 17:34:08 +0800, Abdul Bijur Vallarkodath >> ([EMAIL PROTECTED]) a écrit : >> >> >>> just my two pence. >>> >> >> and my two centimes. >> >> >>> * Change the ports of most ports like ssh, ftp, smtp, imap etc. >>> from the >>> default ones to some other ones. >>> >> >> >From my poor understanding of security related issues, I guess this is >> totally useless since any (good) port scanner will defeat this without >> any problem. Remember, security by obscurity is a bad idea. >> >> >> > > Used solely you are right, but used in addition to usual other securing > mechanisms it can help against zero-day attacks, which only shoot > exploits to well-known ports. > > Only when the 0day attack originates from a Skiddy who found it on milw0rm (making it technically no longer an 0day anyway).
If someone is determined enough to get access to a system to take the time to write an exploit, they're certainly clever enough to use nmap, which defeats most attempts at hiding a service version. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIKRPzLeTfO4yBSAcRAjmNAJ0eDx+cdZU1NnfyWLvbNhlEfK92VQCgxzNc F9oDXS7vaw0QKQC5rMEzFps= =lghP -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
