Re: Sunbelt: Anatomy of a Malicious Host File Hijack

[Brian Barrios <bbarrios () gmail com>]

On 1/12/06, Todd Towles <toddtowles () brookshires com> wrote:
> Also, I have a couple of other ideas for this "Security thru
> Customization" idea.

This is a method plenty of people use... I've worked at several
companies that want to run applications/servers but are concerned
about the visibility... so they run them on some random port.  For
example (though this example is really obscurity and customization),
why run FTP on 21 when it's designed to be a closed service between
trusted clients... why not run it on 5467?  Does this enhance security
in any way? DEFINITELY NOT!!... but it does eliminate 99% of default
port scans just looking for FTP running on 21.  I wouldn't recommend
it... but I understand the theory behind it....

I do something similar on my cars... I completely rewire the starter
on every car I've ever owned.  Does it make my car "steel-proof",
certainly not, they could just tow it.  But it takes a dedicated thief
to debug my starter's wiring for 10 hours to figure out what crazy way
I decided to wire that particular car... GOOD LUCK!!  My opinion is,
if he's that dedicated and that knowledgeable about electrical
systems, he's going to steal it anyways, no matter what I do.  I think
probably 99% of car thieves are lazy... this is not an approach I take
to computer security.

2.5 cents,
-Brian.

--
Brian Barrios
bbarrios () gmail com
AIM: BrianBarrios1

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.