also sprach Jor-el <jorel@trillian.megadodo.umb> [2002.01.04.1802 +0100]:
> I beg to differ. On debian-user, especially, you cant expect to
> have the people who post there be very knowledgeable in security. In their
> case, I would venture to suggest that every little bit of obscurity helps.
> It doesnt mean that their system is secure. But it does mean that they are
> not issuing invitations to be hacked.
they are mostly passing their IP along in the mail headers...
> Well, I'm impressed. But that doesnt mean that the network I am
> writing about is the same network I am posting from. So I could, if I am
> careless, compromise a work network while posting from home.
that's true, but hackers also don't wait for invitation. we once put a
system out onto a static IP without registering it anywhere. there
weren't even DNS entries, it was just sitting there at the IP. we never
established a connection to or from the system. guess how long it took
the first hacker to give it a shot? just under 3 hours!
but you are right, people on debian-user aren't necessarily advanced in
security concepts. however, they are usually also mostly confused, and
if you ask them to obfuscate the IPs, then they'll either screw up to
the point where the original problem is not replicable with the new IPs,
or they get ebven more confused. especially then later during problem
solution and discussion, you are essentially asking them to do NAT in
their heads to map from fake to real and back. something's bound to go
wrong...
you *could* always suggest simply x'ing the first two octets. an IP of
the form xxx.xxx.20.107 gives no valuable information and it's very
likely to be unique still on the user's network.
--
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
above all, we should not wish to divest
our existence of its rich ambiguity.
-- nietzsche
Attachment:
pgpPlnBWg3TAW.pgp
Description: PGP signature