Printable View
See that, great minds think alike.
As for your stance on the mandatory disclaimer when locking boxes, perhaps we should do that. I just figured that folks here, in general, have more common sense than to believe that exposing ANY box directly to the internet is a good idea no matter what precautions have been taken.
Sorry, but IMHO, this is a pretty poor article: it doesn't bring anything new to the table, and very little "not so new" information worthy of reading.... I mean just check this paragraph:Quote:
Could this say any less?! "Your server may be vulnerable to trojans. To make it secure, you should protect it against trojans" DUH!!!Quote:
All back-door Trojans have one thing in common: They allow unauthorised access to the infected computer. Just as the name implies, this is like having your back door propped open to let every hacker know they are welcome. A number of Trojan programs are designed to covertly monitor activity on a victim system -- typically employing keystroke and screen captures. The results are then emailed from the victim system by the Trojan to a specific email account at various intervals. In this way, a hacker can really find out a lot about a system, often including the local admin password and other sensitive information that can be used to compromise the system. As a result, part of protecting the information about your servers involves protecting them against Trojans.
Oh, and changing/hiding banners is known as "security through obscurity" and ain't worth nothing. Between, it would take only a few seconds to run an nmap scan with fingerprinting to know it's an w2k box, and if a webserver is running on port 80 and/or 443, you can pretty much assume it's IIS.
Oh, hey, did you know you should use an antivirus software?!!
Anyways, I know this is well intended, but you might try being a little more selective...
We already have heaps of tutorials that address this in a much better way.
Ammo
I didnt write it, nor did i know that anyone would not be interested in this. i only posted this here for all purpose general knowledge and for people to talk about. the last 10 posts have been producted. and yes, you are right, it could be a bit shorter, but i wasnt going out of my way to edit it :D
Ammo: That's a pretty odd statement at the end there..... The default ports for http and ssl are 80 & 443, it doesn't matter which web server you wanna put up the defaults are 80/443. So, if you are going to make the assumption that because a large number of web servers on the internet are Winboxes then you aren't being a very good hacker because you made an assumption that has somewhere close to a 50:50 chance of being wrong. Hack away baby.... you're probably wasting your time.Quote:
Originally posted here by ammo
Oh, and changing/hiding banners is known as "security through obscurity" and ain't worth nothing. Between, it would take only a few seconds to run an nmap scan with fingerprinting to know it's an w2k box, and if a webserver is running on port 80 and/or 443, you can pretty much assume it's IIS.
Ammo
Then lets look at the first part of the statement re: security through obscurity. I disagree somewhat in your definition of that. If you have a box with public services such as http, smtp, dns etc. out there then no matter what you do it isn't "security through obscurity" because you have advertised services there. IMO, security through obscurity is more akin to running a box that has no common public services but has a web server on port 5487 for example. No-one scans for that port because no-one expects to find an exploitable resource there. That's your obscurity - You can access the web site by calling http://mydomain.com:5487 but no-one else will even look there.
Changing banner is a lot like driving a Roll Royce but having Pinto logo's on it..... If the car thief is told to steal a Rolls Royce he will overlook yours with the Pinto stuff on. Changing the banners helps make the skiddies with their automated tools move on - cos they don't really know what a Rolls Royce looks like so they rely upon the information that is easily accessible.
Thats my 2c...anyhoo
The assumption is based on the fact that you already know you're probing a W2k box (by running a fingerprinting scan with nmap for example). If a W2k box is running a web server, what are the odds that that web server is IIS? I'd say at least 90%.
Secondly, security trough obscurity means that you're counting on the hacker to not no what he's looking at instead of knowing that your server is properly secured. To follow your analogy, it means that you're counting on the auto theif not being able to recognize that Rolls Royce instead of making sure that your doors are locked, that the alarm is on and your tracking mechanism working properly. The opposit of security trough obscurity would mean that even if the hacker knows what he's looking at, it doesn't matter because there's nothing for him to exploit (or no way for him to expoit it).
Ammo
Ammo: Ok. The way you wrote the original phrase the "hiding banners" bit came before the "nmap scan" bit implying to me that at the point the person was reading the banners he/she still didn't know what box s/he was looking at but would do if they subsequently ran the scan. I absolutely agree that if you are looking at a known winbox there is almost zero chance you aren't looking at IIS.
With regard to Security through obscurity the obscurity bit comes from not being able to be found, hence the web site on a port that is not normally ever scanned. Changing the banners/logos is not, IMO, obscurity since you are quite clearly there, it's just that the viewer doesn't recognize what he is looking at, he can see you, he just doesn't know what you are - that, to me, is security through ignorance/inattention to detail....... Maybe I'm just being pernickety... If the person was told to go find a RR and went to see what it looked like before going to find one the Pinto logo would be a waste of time and he would try to steal the car anyway. It wouldn't matter if the security was properly done - he would try to steal it because he knows it is what he was told to steal - the target was not obscured - it was simply obfuscated.