Security Basics mailing list archives
Re: server security
From: Tracy Reed <treed () ultraviolet org>
Date: Fri, 22 Jun 2012 14:54:22 -0700
On Fri, Jun 22, 2012 at 02:30:01PM PDT, Dave Kleiman spake thusly:
> I know I have seen a plethora of 3389 automated scans and, upon successful connection, attempted password attacks. What would happen if I changed to some other port?
Why isn't there a firewall restricting who can connect to your db server? Why aren't you requiring something better than just password auth? You change the default port but you don't implement these far more effective controls?
> Sometimes security through obscurity does work. I am certainly not suggesting it would protect you from an Advanced Persistent Threat, but every little layer of security affords a little protection, deterrence, or delay.
It sets a bad precedent and doesn't scale when you have to worry about changing the default ports on a bunch of database servers and apps. Many "little layers of security" just aren't worth it.
--
Tracy Reed