[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: PF related crash? (fwd)
On Sun, 2003-02-23 at 16:41, Sancho2k.net Lists wrote:
> What Henning is probably getting at is the sheer effectiveness of
> obfuscating information on a support list. Chances are you could
> determine IP information anyways, if from nothing else than looking at
> the header for the IP of the sending mail relay. Obfuscating data makes
> it difficult to see into the problem. Giving the pertinent information
DS, please understand that what I'm about to say is in no way directed
to you... you're simply the messenger/interpreter.
But GODDAMMIT, I'm tired of people suggesting that nothing get
obfuscated because "hackers could get it anyways". It's ridiculous to
suggest that because a very small minority set of bad people might be
able to dig up the relevant information (in this case, a netblock of
incredibly vulnerable hosts), that it's a bad idea to hide it in a
posted firewall ruleset to a public mailing list from the other hordes
of minimally qualified script kiddies. Gimme a fucking break.
We're talking about the external netblock, people. Not the internal
routing table, not a handful of relevant macros, not a trace. Just a
NETWORK ADDRESS. How could obfuscating this possibly rate as "the worst
advice of the day" on anyone's radar?
Please keep in mind that I am a critic of "security through obscurity"
as well. But, as my momma used to say, "pick your battles wisely".