[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: harden-debian script?

On Wed, Oct 25, 2000 at 02:12:12PM -0700, Scott Bronson wrote:
> I take it you don't wear your seatbelt then?  If your car is
> properly configured and you drive it correctly, then the
> seatbelt is just a needless discomfort.  
> If ALL I did was remove read permissions from the config files,
> that would be security through obscurity.  Since I'm using this
> as one step in a larger security plan, it is called prudence.

But what actually does it give you? It protects you from cracker-wannabies
who see that if there is an 'X' line in your /etc/inetd.conf, then it's time
to run exploit 'Y'.
This gives you a false sense of security, unless you only want to protect
from script-kiddies while neglecting other attackers. But since you say this
is to be 'one step in a larger security plan', then I really don't
understand what it gives.


+--------------------------------+ The reason we come up with new versions
|Marcin Owsiany                  | is not to fix bugs. It's the stupidest
|porridge@pandora.info.bielsko.pl| reason to buy a new version
+--------------------------------+ I ever heard.            - Bill Gates

Reply to: