List Archive: gentoo-security
Headers:
To: <gentoo-security@g.o>
From: Oliver Schad <o.schad@...>
Subject: Re: firewall suggestions?
Date: Thu, 8 Jan 2004 17:28:17 +0100
On Thursday, 8 January 2004 16:57, Thomas T. Veldhouse wrote to me:
> Oliver Schad wrote:
> > Not really. And why should a network scan be dangerous? Security by
> > obscurity doesn't work. You can scan a well configured host all day
> > long, who cares?
>
> True, but if you do happen to have an exploitable service (i.e. the brk
> issue with the linux kernel and rsync recently), a script kiddie might
> grow tired of waiting for scan results from your network and go
> elsewhere. Certainly slowing down potential hackers buys time and
> frustration for the attacker if nothing else.  The assumption that all
> potential attackers are experts is not a good one.

The brk issue is a local problem, it has nothing to do with networking. 
The security hole in rsync is/was still there if you deny requests to 
closed ports.

And I don't believe that any script kid sits crying in front of his 
computer and runs to his mom "The f****** admin blocks all my attacks, 
wuaaaaaaaaaaahhhhhh!" because you have blocked all connections to closed 
ports.

If I would search for a vulnerable rsync server, I would start the ultimate 
hacker tool in the evening and after sweet dreams in the night I would 
look for my victims with a well tasting cup of tea in my hand in the next 
morning. And I swear, I wouldn't start to cry, because you did block any 
of my requests.

It doesn't increase your security and it breaks internet standards. And it 
is not true that it slows down network scans to a degree worth mentioning. 
It makes no sense to block requests to closed ports.

Best regards
Oli

--
gentoo-security@g.o mailing list
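
As an added example (not part of the thread and not Gentoo project code): a small Python check over `iptables-save` output that reports whether packets to closed ports are silently dropped or answered, the distinction the message above argues about. It assumes iptables is the firewall, which the message does not name; the rulesets are constructed samples and `closed_port_behaviour` is a hypothetical helper.

```python
import shlex

# Constructed iptables-save samples (not from the thread). BEFORE leaves closed
# ports to the DROP policy; AFTER answers them the way an unfiltered host would.
BEFORE = """*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j LOG --log-prefix "unmatched: "
COMMIT
"""
AFTER = BEFORE.replace("COMMIT", "\n".join([
    "-A INPUT -p tcp -j REJECT --reject-with tcp-reset",
    "-A INPUT -p udp -j REJECT",
    "COMMIT"]))

VERDICTS = {"ACCEPT": "host stack answers", "DROP": "silent drop"}


def closed_port_behaviour(ruleset, chain="INPUT"):
    """Report how unmatched TCP and UDP packets in the filter table are answered.

    Simplification: only catch-all rules (optional -p, then -j) and the chain
    policy are considered; jumps to user-defined chains are not followed.
    """
    policy, in_filter, found = "ACCEPT", False, {}
    for line in ruleset.splitlines():
        tok = shlex.split(line)
        if line.startswith("*"):
            in_filter = line.strip() == "*filter"
        elif in_filter and tok[:1] == [f":{chain}"]:
            policy = tok[1]
        elif in_filter and tok[:2] == ["-A", chain]:
            args, proto = tok[2:], None
            if args[:1] == ["-p"]:
                proto, args = args[1], args[2:]
            if len(args) < 2 or args[0] != "-j" or args[1] not in ("ACCEPT", "DROP", "REJECT"):
                continue  # has further matches, or is non-terminating (LOG)
            verdict = VERDICTS.get(args[1])
            if args[1] == "REJECT":  # iptables defaults to icmp-port-unreachable
                kind = args[3] if args[2:3] == ["--reject-with"] else "icmp-port-unreachable"
                verdict = f"reject with {kind}"
            for p in ("tcp", "udp"):
                if proto in (None, p):
                    found.setdefault(p, verdict)
    return {p: found.get(p, VERDICTS.get(policy, policy)) for p in ("tcp", "udp")}
```

Feeding it the output of `iptables-save` from a host shows at a glance which of the two behaviours that host's closed ports exhibit.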

Updated Jun 17, 2009