[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Stopping people finding out uptime?

On Mon, 15 Apr 2002 16:06:14 +1000
Daniel Pittman <daniel@rimspace.net> wrote:
> Hiding the information does nothing for you because the script that
> you see as "scanning" is much more likely to be attempting to break in
> automatically, not just guessing what might be worth attacking.

So, let's say only 0.05% of script kiddie scripts scan for versions
instead of an outright attempt at breaking in. That's still 0.05%. It
only takes one script kiddie to compromise a network.

When you're working in a high-security environment where some computers
*must* be accessible, we have to worry about individuals. Not trends,
not percentages. If doing something will stop a *single* possible
intrusion, it's done. (Within the limits of time budgets, of course. The
fellow who started this thread obviously cares enough and has the time
to take rather extraordinary precautions[for a home user, fairly
standard stuff in high-security environments], so saying "don't bother"
really isn't a valid answer :)

I'm not going to mention any names of any places I've worked unless I'm
asked, because I consider that in bad taste. But this is how it works.

\ David B. Harris, Systems administrator   |   http://www.terrabox.com /
/  eelf@sympatico.ca, elf@terrabox.com     |     http://eelf.ddts.net  \
/ Clan Barclay motto: Aut agere, aut mori.  (Either action, or death.) \

Attachment: pgpxY1hJcWwJU.pgp
Description: PGP signature

Reply to: