vxp wrote:
On Sat, 4 Sep 2004, Colin Alston wrote:
My point was if it provides no security, then there is no point to it at
all.
oh, but it does. it prevents them from gathering accurate information
about your system. that's an extremely important part of the attack.
From your perspective, certainl
Barney Wolff wrote:
On Sat, Sep 04, 2004 at 01:28:28PM -0400, vxp wrote:
in other words, what would you guys say be a _proper_ bsd-style thing to
do, if this were to be done?
Nothing. If you want to pollute your kernel with nonsense of this
sort, go right ahead, but leave mine alone. Adding frill
On Sat, Sep 04, 2004 at 01:28:28PM -0400, vxp wrote:
>
> in other words, what would you guys say be a _proper_ bsd-style thing to
> do, if this were to be done?
Nothing. If you want to pollute your kernel with nonsense of this
sort, go right ahead, but leave mine alone. Adding frills detracts
f
vxp wrote:
oh, but it does. it prevents them from gathering accurate information
about your system. that's an extremely important part of the attack.
Well, most of the automated trojans seen recently just connect and
try to execute some specific code. You won't beat them with
turning off timestamps
On Sat, 4 Sep 2004, Colin Alston wrote:
> My point was if it provides no security, then there is no point to it at
> all.
oh, but it does. it prevents them from gathering accurate information
about your system. that's an extremely important part of the attack.
> Most attackers are going to expl
vxp wrote:
On Sat, 4 Sep 2004, Wesley Shields wrote:
That is true, but the problem with these kinds of things is that users
will think that with a simple flip of a sysctl they are secure, when in
fact that are no more secure than before.
that's also 100% true, however that's why documentati
On Sat, 4 Sep 2004, Wesley Shields wrote:
>
> That is true, but the problem with these kinds of things is that users
> will think that with a simple flip of a sysctl they are secure, when in
> fact that are no more secure than before.
that's also 100% true, however that's why documentation exists.
Colin Alston wrote:
What exactly is the point/benefit of such a change?
On related note, it would be nice if the OS bundled dhclient would
report OS version like it does on Windows and Linux. Would make some
operations easier.
Pete
___
[EMAIL PROTECTED
On Sat, Sep 04, 2004 at 10:07:36AM -0400, vxp wrote:
> no. obscurity as the _only_ "security" is no security.
> there's nothing wrong with ADDING obscurity, however. =)
>
> --Val
That is true, but the problem with these kinds of things is that users
will think that with a simple flip of a sysctl
no. obscurity as the _only_ "security" is no security.
there's nothing wrong with ADDING obscurity, however. =)
--Val
On Sat, 4 Sep 2004, Colin Alston wrote:
> vxp wrote:
>
> >pretty much any sort of attack / intrusion attempt begins with information
> >gathering on the machine. part of that, wo
vxp wrote:
pretty much any sort of attack / intrusion attempt begins with information
gathering on the machine. part of that, would be trying to figure out what
OS runs on the machine. the more (accurate) information a potential
attacker can gather on the machine, the more chances that his attempt
pretty much any sort of attack / intrusion attempt begins with information
gathering on the machine. part of that, would be trying to figure out what
OS runs on the machine. the more (accurate) information a potential
attacker can gather on the machine, the more chances that his attempt will
succee
vxp wrote:
Hi,
I'm wondering if it'd be a good idea / worth it to modify the kernel a bit
and add a few sysctl switches so the user would be able to choose what OS
he wants the box to appear as, to a nmap scan ?
It'd require, obviously, a few modifications to the networking code.
Please elaborate o
Hi,
I'm wondering if it'd be a good idea / worth it to modify the kernel a bit
and add a few sysctl switches so the user would be able to choose what OS
he wants the box to appear as, to a nmap scan ?
It'd require, obviously, a few modifications to the networking code.
Please elaborate on why you
14 matches
Mail list logo
