On Thu, Dec 28, 2000 at 10:12:48AM +0100, Piotr Kasztelowicz wrote:
> ORBS and like ORBS lists
> there are stupid idea, which makes more evil than good. First of all
> from such as ORBS 'insecure hosts' list" are using all presented on Net
> hacers, who have directly listing of host, which potentialy can
> be used to attack. I'm of opinion, that giving such list public
> is illegal and harmful. I have met such case, that after each test
> made from ORBS was reported hackers proof to destroy my host, therefore
> the access for ORBS on my host has been by my on tcpserver blocked:
This lists are irrelevant for attacks and security through obscurity is
no security at all.
Hackers will find your server regardless whether you are listed in a RBL
list or not. On a freshly setup system with an IP address never assigned
before I had - within a week - 4 complete port scans + 6 additional
scans for relay open mailservers.
Trying to "hide" is useless. Fix your systems. I personally have no mercy
for ppl doing lousy system administration and whining when they get hacked.
If you can't handle all the hosts in your responsibility use at least
some port filters or a firewall or disconnect them by pulling the network
plug.
\Maex
--
SpaceNet AG | http://www.Space.Net/ | Stress is when you wake
Research & Development | mailto:[EMAIL PROTECTED] | up screaming and you
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | realize you haven't
D-80807 Muenchen | Fax: +49 (89) 32356-299 | fallen asleep yet.
