
Re: harden-debian script?



On Wed, Oct 25, 2000 at 02:12:12PM -0700, Scott Bronson wrote:
> I take it you don't wear your seatbelt then?  If your car is
> properly configured and you drive it correctly, then the
> seatbelt is just a needless discomfort.  
> 
> If ALL I did was remove read permissions from the config files,
> that would be security through obscurity.  Since I'm using this
> as one step in a larger security plan, it is called prudence.

But what actually does it give you? It protects you from cracker-wannabes
who see that if there is an 'X' line in your /etc/inetd.conf, then it's time
to run exploit 'Y'.
This gives you a false sense of security, unless you only want to protect
from script-kiddies while neglecting other attackers. But since you say this
is to be 'one step in a larger security plan', then I really don't
understand what it gives.

regards

Marcin
-- 
+--------------------------------+ The reason we come up with new versions
|Marcin Owsiany                  | is not to fix bugs. It's the stupidest
|porridge@pandora.info.bielsko.pl| reason to buy a new version
+--------------------------------+ I ever heard.            - Bill Gates


