nanog mailing list archives
Re: a record?
From: Sean Donelan <sean () donelan com>
Date: Sun, 20 Nov 2005 02:39:45 -0500 (EST)
On Sat, 19 Nov 2005, Alexei Roudnev wrote:
Security by obscurity eliminates all (100%) of this automated scans and automated attacks. So, having SSH on port 63023 (for example) and seen probes, you can be 100% sure that someone have SPECIFIC interest in your
This is just security by outrunning the bear. The assumption is bears will stop chasing you if they catch a different hiker first. Unfortunately, we now have decades of experience in cybersecurity that this isn't true. It appears to work for a while, but on the Internet bears are always hungry and learn. There are people actively scanning for any open ports running any protocol, without a SPECIFIC interest in your computer. SSH already has a No Trespassing banner. You may just not have a big enough sample to see what is actually happening.
Current thread:
- Re: a record?, (continued)
- Re: a record? John Levine (Nov 15)
- Re: a record? Matthew Sullivan (Nov 18)
- Re: a record? Eric Rescorla (Nov 18)
- Re: a record? Patrick W. Gilmore (Nov 15)
- Re: a record? Alexei Roudnev (Nov 19)
- Re: a record? Austin McKinley (Nov 19)
- Re: a record? Suresh Ramasubramanian (Nov 19)
- Re: a record? Alexei Roudnev (Nov 19)
- Re: a record? Suresh Ramasubramanian (Nov 19)
- Re: a record? Sean Donelan (Nov 19)
- Re: a record? Elmar K. Bins (Nov 20)
- Re: a record? Patrick W. Gilmore (Nov 20)
- Re: a record? Alexei Roudnev (Nov 20)
- Re: a record? Elmar K. Bins (Nov 20)
- Re: a record? Suresh Ramasubramanian (Nov 16)