On Mon, 15 Apr 2002 14:20:34 +1000 Daniel Pittman <daniel@rimspace.net> wrote: > So, hiding this information does not protect you from attacks. All it > does is give you a false feeling of confidence in your "protection" -- > which is, in the end, non-existent. > > Security through obscurity isn't, and hiding your uptime is obscurity. There is no "security through obscurity". There is just Security. Capital S. Which means making it as difficult as possible, within the constraints of administrator time allowances, for an attacker to do anything or get any information which may help them. I'm running kernel 2.2.18. I'm going to sleep in a few hours. If a kernel-based remote root exploit is discovered when I'm asleep, and they release 2.2.19, I won't upgrade until I wake up. In the meantime, some script kiddie somewhere is flooding my network with scans to detect what OS a given machine is running, and how long it's been up. Of course, they're not sitting there watching it. They're just running a script. They'll get thousands of hits from other people's machines (who are running 2.2.18 but haven't upgraded) - they and their script will just ignore mine, as a waste of resources to attempt to crack (since they don't even know that I'm running a vulnerable kernel). Unlikely? Yes. Your point? I thought so. -- ________________________________________________________________________ \ David B. Harris, Systems administrator | http://www.terrabox.com / / eelf@sympatico.ca, elf@terrabox.com | http://eelf.ddts.net \ \======================================================================/ / Clan Barclay motto: Aut agere, aut mori. (Either action, or death.) \ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Attachment:
pgpsI70dCFZKy.pgp
Description: PGP signature