Re: is it rational to close the 139 port
On Tue, 31 Jul 2012 20:31:56 +1200
Chris Bannister <email@example.com> wrote:
> On Mon, Jul 30, 2012 at 06:15:26PM +0100, Brad Rogers wrote:
> > On Mon, 30 Jul 2012 11:54:14 -0500
> > John Hasler <firstname.lastname@example.org> wrote:
> > Hello John,
> > >Brad Rogers writes:
> > >> Yeah, on a Post-It note. Stuck to the monitor.
> > >That's what people do when you tell them not to write it down. _Tell_
> > >them to write it down and tell them _how_.
> > As it happens, I agree with you; write 'em down, and keep 'em safe.
> Or just have one, but make it a good 'un, and never tell anyone.
> Reasons: 1) If someone can brute force guess it, you've got other
> problems. i.e. -- you're targetted!
> 2) Clothes, possessions, etc. can be searched. You may never
> know until its too late!
> 3) If someone wants it, at least you'll know about it¹
> Well, actually 2 - one for really important stuff, other for unimportant
> stuff; I can trust my bank to keep it safe, but local supermarket is
> another story.
There have been numerous well-publicized breaches at banks, major
retailers, etc. (and doubtless even more unpublicized ones). If / when
hackers get your credentials to one institution, do you really want
them to have the keys to all your accounts?