Re: is it rational to close the 139 port
- To: firstname.lastname@example.org
- Subject: Re: is it rational to close the 139 port
- From: Celejar <email@example.com>
- Date: Wed, 1 Aug 2012 10:22:09 -0400
- Message-id: <firstname.lastname@example.org>
- In-reply-to: <20120731083156.GK17427@tal>
- References: <20120729180004.GB22383@khazad-dum.debian.net> <20120729193204.GU6660@desktop> <20120730012708.GA10124@khazad-dum.debian.net> <20120730092100.GB12993@sid.nuvreauspam> <20120730101405.GB22006@khazad-dum.debian.net> <501692E6.email@example.com> <firstname.lastname@example.org> <email@example.com> <firstname.lastname@example.org> <email@example.com> <20120731083156.GK17427@tal>
On Tue, 31 Jul 2012 20:31:56 +1200
Chris Bannister <firstname.lastname@example.org> wrote:
> On Mon, Jul 30, 2012 at 06:15:26PM +0100, Brad Rogers wrote:
> > On Mon, 30 Jul 2012 11:54:14 -0500
> > John Hasler <email@example.com> wrote:
> > Hello John,
> > >Brad Rogers writes:
> > >> Yeah, on a Post-It note. Stuck to the monitor.
> > >That's what people do when you tell them not to write it down. _Tell_
> > >them to write it down and tell them _how_.
> > As it happens, I agree with you; write 'em down, and keep 'em safe.
> Or just have one, but make it a good 'un, and never tell anyone.
> Reasons: 1) If someone can brute force guess it, you've got other
> problems. i.e. -- you're targetted!
> 2) Clothes, possessions, etc. can be searched. You may never
> know until its too late!
> 3) If someone wants it, at least you'll know about it¹
> Well, actually 2 - one for really important stuff, other for unimportant
> stuff; I can trust my bank to keep it safe, but local supermarket is
> another story.
There have been numerous well-publicized breaches at banks, major
retailers, etc. (and doubtless even more unpublicized ones). If / when
hackers get your credentials to one institution, do you really want
them to have the keys to all your accounts?