[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [support@backup.hmdc.harvard.edu: [hmdc.harvard.edu #4073] FYI: mon]

On Thu, 11 Sep 2003 01:03, Theodore J. Knab wrote:
> Some of you might find this one interesting.
> In a world where IT security sometimes means keeping services out of
> sight. Both Harvard and MIT advertise everything they have up and
> running.

I don't think that letting people know which servers are online is a problem.  
If they are secure then it's fine, if they aren't then security by obscurity 
never did any good.

However if someone wants to mount an attack that requires spoofing IP 
addresses etc, then having current ping times etc displayed can really make 
it a lot easier...

http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to: