nanog mailing list archives

Re: sniffer/promisc detector

From: Brett Watson <brett () the-watsons org>
Date: Mon, 19 Jan 2004 23:26:30 -0700

i wish you were right.  i wish you were even close to right.  but we've

been

attacked many times over the years by some extremely smart adolescent
psychopaths -- where adolescence is a state of mind in this case, rather
than of years -- and i wish very much that they would either stop being
so smart, or stop being so psychotic, or stop being so adolescent.


Hmm.

It depends of, what is _attack_. For example, if I have old, unpatched sshd
daemon (which is easy to hack), but
run it at port 30022, how long do I need to expose it on Internet to be
hacked? (Answer - you will never be hacked, if
you use nonstandard port, except if you attracks someone by name, such as
_SSH-DAEMOn.Rich-Bank-Of-America.Com_.


Uhm, that would be wrong.  This is simply "security through obscurity".

Go grab nessus (www.nessus.org), modify the code a bit, and I guarantee you
that your ssh daemon running on a non-standard port can still be found,
identified, and exploited. Trivial.

-b

Current thread:

Re: sniffer/promisc detector, (continued)
- - Re: sniffer/promisc detector Chris Brenton (Jan 16)
- RE: sniffer/promisc detector Wojtek Zlobicki (Jan 16)
- Re: sniffer/promisc detector Rubens Kuhl Jr. (Jan 16)
  - Re: sniffer/promisc detector Alexei Roudnev (Jan 17)
    - Re: sniffer/promisc detector haesu (Jan 17)
    - Re: sniffer/promisc detector Valdis . Kletnieks (Jan 17)
    - Re: sniffer/promisc detector Alexei Roudnev (Jan 17)
    - Re: sniffer/promisc detector Vadim Antonov (Jan 19)
    - Re: sniffer/promisc detector Paul Vixie (Jan 19)
    - Re: sniffer/promisc detector Alexei Roudnev (Jan 19)
    - Re: sniffer/promisc detector Brett Watson (Jan 19)
    - Re: sniffer/promisc detector Valdis . Kletnieks (Jan 19)
    - Re: sniffer/promisc detector Alexei Roudnev (Jan 20)
    - Re: sniffer/promisc detector Dave Israel (Jan 20)
    - Re: sniffer/promisc detector Niels Bakker (Jan 20)
    - Re: sniffer/promisc detector Alexei Roudnev (Jan 21)
    - Re: sniffer/promisc detector Steven M. Bellovin (Jan 20)
    - Re: sniffer/promisc detector haesu (Jan 20)
- Re: sniffer/promisc detector Damian Gerow (Jan 16)
- RE: sniffer/promisc detector Michel Py (Jan 20)
  - RE: sniffer/promisc detector Henry Linneweh (Jan 20)

(Thread continues...)