Security Basics mailing list archives
Re: server security
From: "Rob" <synja () synfulvisions com>
Date: Fri, 22 Jun 2012 23:17:52 +0000
Although we all know of anecdotal tales where a non standard port was used, or another minor change prevented some sort of mass issue, the fact remains that an automated attack such as that still requires an exploitable service. Changing the port in no way (except for permissions on *NIX) realistically affects the *ability* to compromise.

It's a matter of weighing the needs of your specific environment and situation. Every situation is different. In most cases if the port assignment is the only thing that would have prevented a compromise, you've already been compromised by your own mistakes.

Security can't just be about keeping people out, it has to include mitigation for when somebody gets in.

Although let's be honest, we've all had that boss/executive who decided they know better than we do and been forced to implement crap.

Rob
Sent on the Sprint® Now Network from my BlackBerry®

-----Original Message-----
From: Dave Kleiman <dave () davekleiman com>
Sender: listbounce () securityfocus com
Date: Fri, 22 Jun 2012 17:51:54
To: security-basics () securityfocus com<security-basics () securityfocus com>
Subject: RE: server security

Tracy,

You would have to admit little layers of security, such as running non-standard ports, can protect you as in the Slammer worm.

I am not saying that is the best or recommended solution to a problem, but it can work.

Respectfully,
Dave Kleiman - http://www.ComputerForensicsLLC.com - http://www.DaveKleiman.com
4371 Northlake Blvd #314
Palm Beach Gardens, FL 33410
561.310.8801

-----Original Message-----
From: Tracy Reed [mailto:treed () ultraviolet org]
Sent: Friday, June 22, 2012 18:31
To: Tracy Reed
Cc: Dave Kleiman; security-basics () securityfocus com
Subject: Re: server security

On Fri, Jun 22, 2012 at 02:54:22PM PDT, Tracy Reed spake thusly:
> Many "little layers of security" just aren't worth it.

Clarification: Some "little layers of security" just aren't worth it. Multiple layers of security certainly are.

--
Tracy Reed