Security Basics mailing list archives
RE: ICMP (Ping)
From: Tim Greer <chatmaster () charter net>
Date: 04 Sep 2003 15:52:30 -0700
On Thu, 2003-09-04 at 10:23, SMiller () unimin com wrote:
> Regarding the oft cited admonition against "security by obscurity": according to Bruce Schneier this is "Kerckhoffs' Principle", formulated in 1883 by Auguste Kerckhoffs, and as such is narrowly applicable only to algorithms used for cryptography. It may or may not apply to other and more generalized security issues; those cases must be evaluated individually. Regarding ICMP:
Fun stuff... what some people seem to fail to understand is that it's unlikely someone's going to randomly probe for IPs to just randomly attack. The type of attacks that people launch are going to be from people that know you're there anyway... otherwise if they are mindless enough, they will apparently attack the IP they didn't check to see if it's there. A network is going to be attacked if it's a target... if it is, you can toss any responses you like and pretend there's nothing but a big, black hole in cyberspace... they'll still hit your network. If they are doing it blindly, they will do it blindly anyway. I don't see this as much of a benefit, unless you are going to be targeted and you can somehow minimize the damage done by disabling this. Overall, I don't think it's a good or bad thing; I do it on some and not on others, depending on what I'm thinking or doing at the time. However, I wouldn't really say it's going to do much one way or another, unless you just want to prevent very specific types of attacks where this would actually help prevent or minimize damage. But just to hide, well, good luck. :-)

--
Tim Greer <chatmaster () charter net>