no. obscurity as the _only_ "security" is no security. there's nothing wrong with ADDING obscurity, however. =)
--Val On Sat, 4 Sep 2004, Colin Alston wrote: > vxp wrote: > > >pretty much any sort of attack / intrusion attempt begins with information > >gathering on the machine. part of that, would be trying to figure out what > >OS runs on the machine. the more (accurate) information a potential > >attacker can gather on the machine, the more chances that his attempt will > >succeed. obviously, even with this change in place, you'd need to do some > >other things so as to prevent this for example: > > > >$ telnet localhost 22 > >Trying ::1... > >Connected to localhost.digital-security.org > >Escape character is '^]'. > >SSH-1.99-OpenSSH_3.6.1p1 FreeBSD-20030924 > > ^^^^^^^^^ > > banners all over need to be changed > > > >but nevertheless, it'd be a step in the right direction in my opinion > > > > > > A great man once said to me "Security by obscurity is, after all, no > security at all." > > This is very much a step in the wrong direction. > > -- > Colin Alston <[EMAIL PROTECTED]> > > About the use of language: > "It is impossible to sharpen a pencil with a blunt axe. It is > equally vain to try to do it with ten blunt axes instead." > -- E.W.Dijkstra, 18th June 1975. (Perl did not exist at the time.) > > _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
