Security Basics mailing list archives
Re: Concepts: Security and Obscurity
From: Daniel Miessler <daniel () dmiessler com>
Date: Tue, 17 Apr 2007 13:42:23 -0400
On Apr 17, 2007, at 12:28 PM, Ansgar -59cobalt- Wiechers wrote:
So if I'm scanning a class B for port 22 in order to unleash a zero-day exploit, how do you propose I differentiate between the dead network space (i.e. there's nothing there) vs. the systems that just SEEM to not be there because I get no response?You differentiate by the fact that for the former you *do* get a response (destination-unreachable), whereas for the latter you don't. Please read up on how TCP/IP actually works.
Yes, we're aware of the basics here, and now I ask that you scan a class B and see if for every system that's NOT there you get back an ICMP message like you're supposed to. I think you'll find that reality doesn't correlate well with the RFC on this matter.
Getting back proper ICMP responses from "somewhere upstream" is hit and miss, and therefore unreliable as a true indicator of a "hiding system".
-- Daniel Miessler E: daniel () dmiessler com W: http://dmiessler.com G: 0xDA6D50EAC
Attachment:
PGP.sig
Description: This is a digitally signed message part
Current thread:
- Re: Concepts: Security and Obscurity, (continued)
- Re: Concepts: Security and Obscurity Daniel Miessler (Apr 11)
- Re: Re: Re: Concepts: Security and Obscurity danogh (Apr 11)
- Re: Re: Re: Re: Concepts: Security and Obscurity levinson_k (Apr 12)
- Re: RE: Concepts: Security and Obscurity levinson_k (Apr 12)
- Re: Re: Concepts: Security and Obscurity lordl3ane (Apr 12)
- Re: Concepts: Security and Obscurity Daniel Miessler (Apr 17)
- RE: Concepts: Security and Obscurity Craig Wright (Apr 12)
- Re: Concepts: Security and Obscurity Daniel Miessler (Apr 12)
- RE: Concepts: Security and Obscurity Craig Wright (Apr 12)
- Re: Concepts: Security and Obscurity Ansgar -59cobalt- Wiechers (Apr 12)
- Message not available
- Message not available
- Re: Concepts: Security and Obscurity Daniel Miessler (Apr 17)
- Re: Concepts: Security and Obscurity Daniel Miessler (Apr 12)
- Re: Concepts: Security and Obscurity Jeffrey F. Bloss (Apr 13)
- Re: Concepts: Security and Obscurity Jeffrey F. Bloss (Apr 13)
- RE: Concepts: Security and Obscurity Craig Wright (Apr 15)
- Re: Concepts: Security and Obscurity Craig Wright (Apr 13)
- Message not available
- RE: Concepts: Security and Obscurity Craig Wright (Apr 17)