Re: Security through Obscurity [was RE: [fw-wiz] Using RDP Port 3389]
From: Elizabeth Zwicky (zwicky_at_greatcircle.com)
Date: 04/28/04
- Previous message: Melson, Paul: "RE: [fw-wiz] iChat A/V and Cisco PIX 501 (6.3)"
- In reply to: Gwendolynn ferch Elydyr: "Security through Obscurity [was RE: [fw-wiz] Using RDP Port 3389]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Gwendolynn ferch Elydyr <gwen@reptiles.org> Date: Wed, 28 Apr 2004 10:02:30 -0700
At 1:46 PM -0400 4/27/04, Gwendolynn ferch Elydyr wrote:
>Speaking of security through obscurity, does anybody happen to have
>pointers for a pointy-hair friendly explanation of why it may be an
>adjunct to security, but certainly shouldn't be a primary mechanism?
With obvious self-interest, I have to say I think the explanation in
the 2nd edition of Building Internet Firewalls (pp 71-72) is not bad.
One of the things we do is compare it to day-to-day examples, like
putting your valuables out of sight when you leave them in the car.
It's a useful technique, but you still have to lock the car! We also
discuss why using different ports is not particularly obscure
(you can check all the ports, or look at traffic, or social engineer
somebody into telling you the port).
Elizabeth Zwicky
zwicky@greatcircle.com
---- zwicky@greatcircle.com Newest project: Opal Eleanor Armstrong Zwicky, born March 4, 2004 Nothing much happened in the last year except a death, a wedding, flesh-eating bacteria, a move, and a birth. _______________________________________________ firewall-wizards mailing list firewall-wizards@honor.icsalabs.com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Melson, Paul: "RE: [fw-wiz] iChat A/V and Cisco PIX 501 (6.3)"
- In reply to: Gwendolynn ferch Elydyr: "Security through Obscurity [was RE: [fw-wiz] Using RDP Port 3389]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
