[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] re: Telnet security
- Subject: RE: [cobalt-security] re: Telnet security
- From: "Adam Sculthorpe" <sculthorpe@xxxxxxxxxxxxx>
- Date: Thu, 26 Apr 2001 11:15:34 +0100
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
I partially agree, however portscanners are noisy and if you take the added
step of installing portsentry and include your default ports to the list of those
protected after moving them then you are almost home dry in that respect.
So, change your default ports AND install portsentry and you have a much
stronger protection system, again you can do more ;) but we are moving
in a good direction here and yet again your risk is 'lowered'.
Adam
*********** REPLY SEPARATOR ***********
On 26/04/2001 at 10:06 Reinoud van Leeuwen wrote:
>> Using a non-standard listening port has the advantage of not
>> falling in standard traps aimed for random victims, assuming they are
>> using standard ports. It does not stop a determined attacker. However,
>> random script-kiddie type of attacks are probably the main (read: near
>100%)
>> worry to most subscribers of this list.
>
>You might be safer from the "non 31337" scripts. But the "better" hacking
>scripts start with a portscan to discover what ports a box listens to.
>After
>they discover a strange port, they just try some protocols on it and soon
>discover that it is ssh...
>So yes, it will provide a little extra security, but not really mutch IMHO.
>_______________________________________________
>cobalt-security mailing list
>cobalt-security@xxxxxxxxxxxxxxx
>http://list.cobalt.com/mailman/listinfo/cobalt-security
o