| 1 |
* Ben Cressey <ben@×××××.org> 8. Jan 04 |
| 2 |
> > To hide a host is always very stupid, why should you do this? There is no |
| 3 |
> > advantage. If you "hide" your computer an attacker knows there is an |
| 4 |
> > stupid guy who doesn't know anything about network security. |
| 5 |
> You're rather free with calling people "stupid" with little to no |
| 6 |
> justification. |
| 7 |
|
| 8 |
Well, let's see. |
| 9 |
|
| 10 |
> If I am just running a web server, nobody has any business connecting to any |
| 11 |
> port besides 80/tcp and 443/tcp. ICMP traffic is fine, but what legitimate |
| 12 |
> purpose is there in attempting a connection to another tcp port? |
| 13 |
|
| 14 |
It's kinda social thing. If you tip my shoulder asking for time I would |
| 15 |
answer, that I have no clock. If I give no answer at all you would call |
| 16 |
me shy, taciturn, unsocial or, simply, stupid. |
| 17 |
|
| 18 |
> It's not about hiding the server or some fictitious security gain -- |
| 19 |
> although as someone pointed out replying to potentially spoofed source |
| 20 |
> addresses could be leveraged into some form of DoS attack. |
| 21 |
|
| 22 |
Would you please be so kind to explain that. I am still interested in |
| 23 |
this and still can't see how to use this in a DoS attack. In fact, |
| 24 |
there are many more efficient ways to DoS a host. |
| 25 |
|
| 26 |
> As far as RFCs go, the only relevant excerpt I could find was quoted on |
| 27 |
> [snip] |
| 28 |
|
| 29 |
You want to read RFC1812. |
| 30 |
|
| 31 |
Regards, Frank. |
| 32 |
-- |
| 33 |
Sigmentation fault |
| 34 |
|
| 35 |
-- |
| 36 |
gentoo-security@g.o mailing list |
Archives