[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Details of networks posted on list

also sprach Jor-el <jorel@trillian.megadodo.umb> [2002.01.04.1600 +0100]:
> 	I dont know how prevalent this is on other Debian lists, but in
> debian-user atleast, quite a few folks, when asking for help with their
> networking, post details on their real ip-addresses, hostnames and
> sometimes even the way their network is setup. I would think that this is
> not a wise thing to do, as it makes it easier for an attacker.

in 99% of the cases, i don't have to be a world-class hacker to map out
the poster's network. i'd start from the mail headers and work my way
further. it's not that difficult and NAT is *not* a security measure.

in any case, i humbly believe that the topology and everything else
(even firewall rules) should be available to anyone (upon request
maybe), and that the entire setup is only secure, if it can still stand
against attacks. security by obscurity is nice, but the basis has to be
solid and done before you can add obscurity...

> 	What is the best way to warn folks about this practice? One
> thought that occurred to me is to write up an entry in the FAQ (is there
> such a thing around) and link to it along with the unsubscribe message
> that is part of every post sent out by Debian lists. Is there a better
> way? I am willing to do the writeup for the FAQ if the person maintaining
> the FAQ puts it in, and someone takes care of the mailing list message.

i think it's not going to be so effective. people usually post ifconfig
outputs (and others), and don't even bother to go through the individual
lines. either lists.debian.org runs list mail through a filter, or you
just let them be... most have dynamic IPs anyway, and if you have a
static IP and you post that IP you either need a hit in the face to
learn, or you have a bullet-proof system already.

why not warn people of dDoS attacks and leaving their "servers" on their
DSL line permanently while not even knowing how to spell "security"...

discovering an IP address is very trivial. for instance, you are

martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
scintillation is not always identification for an auric substance.

Attachment: pgpflJvdCN6a2.pgp
Description: PGP signature

Reply to: