On Sat, Oct 10, 2009 at 10:17:01AM -0400, Jody & Jennifer McCluggage wrote:
> I may be in the minority here, but I do see a real value in "security > by obscurity" as part of a layered defense. I think it has been > drummed into us for so long as being bad or worthless that many of us > believe it. > > You certainly do not want to rely on it as your primary defense. True > simply changing the default SSH port or the Administrator name will > not in itself stop a determined attacker but it will frustrate a lot > of default automated attacks that are just looking for low hanging > fruit. Absolutely, there's a *huge* difference between "security through obscurity" and "increased security through obscurity", and constantly surprised at how many people miss this. -- "You can get more with a kind word and a gun than you can get with just a kind word." Willie Sutton _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
