Re: [support@backup.hmdc.harvard.edu: [hmdc.harvard.edu #4073] FYI: mon]

To: "Theodore J. Knab" <tknab2@washcoll.edu>, debian-isp@lists.debian.org
Subject: Re: [support@backup.hmdc.harvard.edu: [hmdc.harvard.edu #4073] FYI: mon]
From: Russell Coker <russell@coker.com.au>
Date: Thu, 11 Sep 2003 01:34:38 +1000
Message-id: <[🔎] 200309110134.38654.russell@coker.com.au>
Reply-to: russell@coker.com.au
In-reply-to: <[🔎] 20030910150336.GA27424@annapolislinux.org>
References: <[🔎] 20030910150336.GA27424@annapolislinux.org>

On Thu, 11 Sep 2003 01:03, Theodore J. Knab wrote:
> Some of you might find this one interesting.
>
> In a world where IT security sometimes means keeping services out of
> sight. Both Harvard and MIT advertise everything they have up and
> running.

I don't think that letting people know which servers are online is a problem.  
If they are secure then it's fine, if they aren't then security by obscurity 
never did any good.

However if someone wants to mount an attack that requires spoofing IP 
addresses etc, then having current ping times etc displayed can really make 
it a lot easier...

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to:

References:
- [support@backup.hmdc.harvard.edu: [hmdc.harvard.edu #4073] FYI: mon]
  - From: "Theodore J. Knab" <tknab2@washcoll.edu>

Prev by Date: [support@backup.hmdc.harvard.edu: [hmdc.harvard.edu #4073] FYI: mon]
Next by Date: Re: ..fixing ext3 fs going read-only, was : Sendmail or Qmail ? ..
Previous by thread: [support@backup.hmdc.harvard.edu: [hmdc.harvard.edu #4073] FYI: mon]
Next by thread: (no subject)
Index(es):
- Date
- Thread