Penetration Testing mailing list archives
Re: Filtering email headers generated from internal network (Sensible?)
From: Kyle Maxwell <krmaxwell () gmail com>
Date: Mon, 9 May 2005 21:44:18 -0500
On 5/9/05, anyluser <anyluser () yahoo com> wrote:
> Generally speaking sec through obscurity implies (to me) that you're relying on the obfuscation for more than it's really worth. If you think it'll keep you safe, you're using STO. If you're realistic about your expectations then do a CBA (cost/benefit analysis) and make your decision as to whether or not it's worthwhile.
Security through obscurity isn't just about denying reconnaissance to the enemy; in fact that's probably a worthy security goal. Concealing your network information isn't trying to maintain obscurity; it's what you want to accomplish. Relying on running servers with non-standard port numbers is obscurity, as is assuming that someone will never find that unsecured web site with all the supersecret info on it just because there aren't any links to it.

That said, if you think you have exposures because of the mailers you're running or because you have poorly secured internal mail servers, you're going to get much better bang for the buck fixing those first. Like anyluser says, do the cost/benefit analysis, but the only "benefit" you're getting is time cost to the attacker (essentially zero as the attacker has nothing BUT time), while the costs to you may be quite high.

-- 
Kyle Maxwell
http://caffeinatedsecurity.com
[krmaxwell () gmail com]
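As an added illustration (not part of the thread), here is the kind of audit behind the cost/benefit question being debated: it lists which Received hops of an outbound message still name internal addresses, and applies the header filter the subject line asks about. The sample message, host names and addresses are constructed.

```python
import email
import ipaddress
import re

# Address ranges that only exist on an internal network (RFC 1918, loopback, link-local).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]
IPV4_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")

# Constructed sample: the message has left the organisation, but the two
# inner hops still reveal an internal relay and a workstation address.
SAMPLE = b"""Received: from mx.example.com (mx.example.com [203.0.113.10])
\tby relay.example.net with ESMTP id 1; Mon, 9 May 2005 21:44:18 -0500
Received: from mail01.corp.example.com (mail01.corp.example.com [10.1.2.3])
\tby mx.example.com (Postfix) with ESMTP id 2; Mon, 9 May 2005 21:43:00 -0500
Received: from pc-alice.corp.example.com ([192.168.5.22])
\tby mail01.corp.example.com with ESMTP id 3; Mon, 9 May 2005 21:42:00 -0500
From: alice@example.com
To: bob@example.net
Subject: test

hello
"""


def internal_ips_in_hop(received_value):
    """Return the internal IPv4 addresses named in one Received header value."""
    found = []
    for token in IPV4_RE.findall(received_value):
        try:
            addr = ipaddress.ip_address(token)
        except ValueError:
            continue  # e.g. an octet above 255; not an address
        if any(addr in net for net in INTERNAL_NETS):
            found.append(str(addr))
    return found


def audit_received_chain(raw):
    """Parse a raw message and report, hop by hop, which Received headers expose internal addresses."""
    msg = email.message_from_bytes(raw)
    report = []
    for value in msg.get_all("Received", []):
        unfolded = " ".join(value.split())  # join continuation lines
        report.append({"header": unfolded, "internal_ips": internal_ips_in_hop(unfolded)})
    return report


def strip_internal_hops(raw):
    """Drop Received headers that mention internal addresses; return (new message bytes, hops removed)."""
    msg = email.message_from_bytes(raw)
    received = [" ".join(v.split()) for v in msg.get_all("Received", [])]
    kept = [v for v in received if not internal_ips_in_hop(v)]
    del msg["Received"]          # removes every Received header
    for v in kept:               # re-add the external hops, in original order
        msg["Received"] = v
    return msg.as_bytes(), len(received) - len(kept)
```

Run the audit on your own outbound mail before deciding whether the filtering is worth its cost; if nothing internal shows up in the chain, the debate is moot for that path.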