[SCADASEC] IBM is offering 'SCADA security best practices'...

Scada at reijers.org
Sat Feb 9 01:29:43 CST 2008


> It's like moving your SSH server on an Internet *NIX box to port 502
> (or something other than 22) you might not be "more secure" (whatever
> that even means) but you will definitely get fewer probes, connection
> requests, brute force login attempts, and this would help you against
> an SSH worm that on the IANA registered port. It buys you something
> against some attackers. And I think the same is true for proprietary
> protocols or non-Ethernet communication.  Security is not an all or
> nothing proposition.

That's fine for automated attacks / scans, but doesn't help you a bit for
somebody who targets you. And even automated tools can be scanning every
port to see if the required service is available on any port.

Doing port changes to your services is one thing to do, but do not think you
are then secure. IMHO, this is still security through obscurity.

Roeland




