[UPHPU] svn over wan - security through obscurity
Kenneth Burgener
kenneth at mail1.ttak.org
Tue Sep 22 15:33:02 MDT 2009
On 9/22/2009 2:25 PM, Lonnie Olson wrote:
> Also, I want to mention a pet peeve of mine. Changing the default ports.
> Changing the default port add *zero* additional real security. Only
> fake security through obscurity.
>
Probably not the right thread to be contending this point, but I believe
security through obscurity can be one layer for security. It should
defiantly not be your only means of security. Security is all about
layers of *deterrents*. Notice I emphasize the word deterrent. There
is no such think as absolute security. But, the more deterrents you
have the less likely you are to become a victim. A determined
hacker/thief will always find away.
Compare it to your house. No trespassing signs, closing your blinds and
locking your doors are all good deterrents, but a determined thief will
walk around the sign, break the window and knock down the door. A
really determined thief could ram a truck into your wall, bypassing all
other entrances.
As far as the changing the default port, this is not a high deterrent,
but it does help reduce the number of attempts by mass login scanners,
and I for one, really appreciate having less random attempts, and less
security logs to comb through.
Ken
More information about the UPHPU
mailing list