List Archive: gentoo-security
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
Am Donnerstag, 8. Januar 2004 16:57 schrieb mir Thomas T. Veldhouse:
> Oliver Schad wrote:
> > Not really. And why should a network scan be dangerous? Security by
> > obscurity doesn't work. You can scan a well configured host all day
> > long, who cares?
> True, but if you do happen to have an exploitable service (i.e. the brk
> issue with the linux kernel and rsync recently), a script kiddie might
> grow tired of waiting for scan results from your network and go
> elsewhere. Certainly slowing down potential hackers buys time and
> frustration for the attacker if nothing else. The assumption that all
> potential attackers are experts is not a good one.
The brk issue is a local problem, it has nothing to do with networking.
The security hole in rsync is/was still there if you deny requests to
And I don't believe that any script kid sits crying in front of his
computer and runs to his mom "The f****** admin blocks all my attacks,
wuaaaaaaaaaaahhhhhh!" because you have blocked all connections to closed
If I would search for vulnerable rsync server, I would start the ultimate
hacker tool in the evening and after sweet dreams in the night I would
look for my victims with a well tasting cup of tea in my hand in the next
morning. And I swear, I wouldn't start to cry, because you did block any
of my requests.
It don't increase your security and it breaks internet standards. And is
it not true, that it slow down network scans in a worthy of mention. It
makes no sense to block requests to closed ports.
email@example.com mailing list