[SCADASEC] IBM is offering 'SCADA security best practices'...
Matthew Franz
mdfranz at gmail.com
Sat Feb 9 11:33:17 CST 2008
>
> That's fine for automated attacks / scans, but doesn't help you a bit for
> somebody who targets you. And even automated tools can be scanning every
> port to see if the required service is available on any port.
>
> Doing port changes to your services is one thing to do, but do not think you
> are then secure. IMHO, this is still security through obscurity.
>
Obviously.
Sure it would be foolish to *just* do these sorts of obfuscatory
actions (another one many folks would consider "security through
obscurity" would be removing banner/version info from applications,
right? doesn't make an app less vulnerable) but to intentionally avoid
adding additional hurdles that eliminate some % of the attacker
population just to just avoid a security cliche, seems even more
foolish.
But if this position is "security through obscurity" call me its #1 proponent.
- mdf
More information about the scadasec
mailing list