Security Basics mailing list archives
RE: server security
From: Dave Kleiman <dave () davekleiman com>
Date: Fri, 22 Jun 2012 17:47:45 -0500
Tracy, Not my servers, I usually see things post incident on others systems. As with anything you have to weigh the options, certainly not every option fits every need or configuration. I have seen servers not hardened, sometimes not even patched just because they were behind a firewall and they thought that would protect them. Respectfully, Dave Kleiman - http://www.ComputerForensicsLLC.com - http://www.DaveKleiman.com 4371 Northlake Blvd #314 Palm Beach Gardens, FL 33410 561.310.8801 -----Original Message----- From: Tracy Reed [mailto:treed () ultraviolet org] Sent: Friday, June 22, 2012 17:54 To: Dave Kleiman Cc: security-basics () securityfocus com Subject: Re: server security On Fri, Jun 22, 2012 at 02:30:01PM PDT, Dave Kleiman spake thusly:
I know I have seen a plethora of 3389 automated scans and upon successful connection, attempted password attacks, what would happen if I changed to some other port?
Why isn't there a firewall restricting who can connect to your db server? Why aren't you requiring something better than just password auth? You change the default port but you don't implement these far more effective controls?
Sometimes security through obscurity does work. I am certainly not suggesting it would protect you from an Advanced Persistent Threat, but every little layer of security affords a little protection, deterrence, or delay.
It sets a bad precedent and doesn't scale when you have to worry about changing the default ports on a bunch of database servers and apps. Many "little layers of security" just aren't worth it. -- Tracy Reed
Current thread:
- Re: server security, (continued)
- Re: server security Rory Browne (Jun 22)
- Re: server security Littlefield, Tyler (Jun 22)
- RE: server security Ron McKown (Jun 22)
- RE: server security Ward, Jon (Jun 22)
- RE: server security Dave Kleiman (Jun 22)
- Re: server security Tracy Reed (Jun 22)
- Re: server security Tracy Reed (Jun 22)
- RE: server security Dave Kleiman (Jun 22)
- Re: server security Rob (Jun 22)
- Re: server security Ansgar Wiechers (Jun 25)
- RE: server security Dave Kleiman (Jun 22)
- RE: server security Tommy Thomas (Jun 26)
- Re: server security Tracy Reed (Jun 22)
- RE: RE: server security Primrose,Jacqueline (HHSC) (Jun 28)