Re: [Full-Disclosure] New Security News Website

[g0d <g0d@mrplaydoh.org>]

On Mon, 2004-02-16 at 15:28, Paul Schmehl wrote:
> --On Monday, February 16, 2004 1:49 PM -0800 "Gregory A. Gilliss" 
> <ggilliss@netpublishing.com> wrote:
> 
> > You're kidding, right? Me thinks you *need* some hacker intel!
> 
> So you think a simple nmap scan is sufficient to determine if a host is 
> insecure?  Interesting.
> 
> If you scanned my Windows XP boxes, you'd find a bunch of juicy ports open. 
> What you wouldn't find is a hackable daemon.  All the open ports feed a 
> program that captures the packets for analysis later.  The boxes are 
> running no Internet-addressable services.  Yet, from an nmap scan you might 
> (wrongly) assume that those boxes were grossly insecure.
> 
> This is the Internet.  Things are not always what they seem.  And open 
> ports don't always mean negligence.

on a host running a production website common sense would dictate that
*any* non-essential services be turned off, if for no other reason then
the fact that having multiple services running makes the host a prime
target for attacks. i should think this is even more true when the host
is running a website that has been advertised on a mailing list which
attracts the specific element of computing society with a bent towards
system compromise. while having a test box out there 'in the wild'
accumulating data on currently-employed techniques for cracking hosts,
methinks that functionality would be better suited to a separate host.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html