Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Re: Re: Concepts: Security and Obscurity

From: levinson_k () securityadmin info
Date: 12 Apr 2007 08:40:03 -0000
Obscurity is just that, obscure.  It’s “hiding” rather than actually
proactively keeping people out...  just makes it 
slightly harder.  The attackers must try a few doors before they 
find the one with the network gear, or call the company and say 
there’s something wrong with the website – can they talk with the 
webmaster to let them know, 


One might as well throw away your antivirus and firewalls, because those won't block social engineering either.



When we define things this way, then we can clearly see why 
“obscurity” doesn’t add much benefit against targeted attacks. 


Obscurity isn't intended to block targeted attacks, just as firewalls aren't intended to block social engineering.  The 
people here who require countermeasures to be 100% effective against everything will quickly end up with no 
countermeasures at all.  But at least they won't have, horror of horrors, a false sense of security!

Obscurity does help you against targeted attacks, in that targeted attacks that hit your SSH server listening on a 
nonstandard port will tend to stand out, because your logs will have less noise in them.

kind regards,
Karl Levinson
http://securityadmin.info
Previous By Date Next
Previous By Thread Next

Current thread: