Security by obsurity WAS: [Re: [MLB-WIRELESS] ap ip numbers.]
Grant McHerron
grant at taoceti.com.au
Sun May 11 13:21:57 EST 2003
At 12:35 PM 11/05/03, Dave Keller wrote:
>Rik brought up an interesting point in his post about hiding the identity
>of his Default Gateway by using a non-standard ip address. While security
>by obsurity is good, it generally only slows people down from breaking
>into your network resources.
That much is *very* certain - a while back I was attending an offsite
training course that bored me to tears - the whole material could have been
done in 2 to 3 days, even allowing for people who weren't already familiar
with the topic, etc (but then, of course, the trainers wouldn't have been
able to charge us for 5 days of their time - who, me, cynical??? Never!
*coff* :)
Anyhow, we were all attached to a network and it wasn't hard to probe for
IP addresses and try setting the Internet Explorer config to try the
low-end ones as proxies - sure enough, I was online in a very short amount
of time surfing away - maybe it would have taken an extra half hour or so
if they'd kept servers in the middle/end of the pack. Saved my sanity,
that's for sure :)
So yeah, it slowed me down, but it certainly didn't stop me.
Cheers,
Grant
------------------------------
Grant McHerron
Tao Ceti Pty Ltd
Level 1, 530 Little Collins St, Melbourne VIC 3000, Australia
Ph: +61 3 9909 7067 Fax: +61 3 9228 3257
http://www.taoceti.com.au grant at taoceti.com.au
To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message
More information about the Melbwireless
mailing list