Re: I am protected?
From: Chuck (none_at_example.net)
Date: 11 Dec 2004 00:58:19 -0600
On Fri, 10 Dec 2004 22:31:00 GMT, Leythos <firstname.lastname@example.org> wrote:
>In article <email@example.com>,
>> Your "less easy to locate" is a relative term. Using an automated hack, your
>> system (NAT router) will be located. Period. You'll just have the more
>> experienced hackers probing your ports, not the script kiddies.
>I agree, and I don't advocate hiding as a means of security, what I like
>to do is obscure what ports I have services running on in order to make
>them less of a target. For instance, VNC is a very common application
>for viewing a remote desktop, we all know what port it runs on by
>default, and if I were scanning a network and got a response on that
>port I would expect to find VNC running there. If I were to configure my
>VNC service to run on port 65000, even if it was scanned, it would not
>necessarily be identified as VNC, although that's a bad example, since
>it can be queried for what it is.
>The point is that obscurity relates only to moving services to non-
>standard ports to make them less easy to detect by the standard scans,
>not against scanning all 65535 ports.
>A good example of this is when I port forward a port - lets say 49876
>(made that up) for use with VNC inside a network on a server. My
>firewall logs show that they have never been scanned for port 49876, so
>it makes it a good port to use (currently). If I were to run it on the
>default port, it would be detected in a couple days, but by using the
>non-standard port, it's not been probed once in over a year. That's
>obscurity - which has nothing to do with security - it's hiding in the
>crowd in plain sight.
That's a good point, for right now anyway. Changing your setup - not using a
default configuration - is one way to protect yourself. But it's not a complete
I was trying to point out that darkhack's idea of SBO, by hiding your computer
in a sea of others, is an illusional solution. The automated hacks in use today
will find you, and if you're not otherwise protected, your computer may end up a
-- Cheers, Chuck Paranoia comes from experience - and is not necessarily a bad thing.