InfoWorld on 2015 in Security
-
@BRRABill said:
If some high school kid is looking for certain apps on certain ports, maybe they just don't find yours. Or if you make your password 123.
You are grasping at straws. One is security that must be overcome. One is not. There is nothing at all. That the kid was looking at one port or another is his own business. That's random, not security. That's like having the door on the side of the house rather than the front. Do you call that security? No, it's just the door on the side of the house.
Things like passwords ARE a form of security no matter how weak you feel it is. Things like "arbitrarily picking a port that has to be arbitrarily picked" is not since any port is arbitrary and there is nothing to overcome.
-
@scottalanmiller said:
Things like passwords ARE a form of security no matter how weak you feel it is. Things like "arbitrarily picking a port that has to be arbitrarily picked" is not since any port is arbitrary and there is nothing to overcome.
I thought we were talking about known ports.
-
@BRRABill said:
Granted, this would be a pretty rudimentary hacker. But its the same point as basic passwords. I feel something is better than nothing.
You didn't feel that way about a door lock on a car. You said it was nothing. Nothing is no better than nothing. Nothing has to be the same as nothing.
Port changing is literally nothing. There is no security of any sort. None, nada. It's an illusion. That's what makes it bad, that it is completely fake. Passwords, even weak ones, add measurably delay and a need to "overcome". Port changing does nothing of the sort.
-
@BRRABill said:
@scottalanmiller said:
Things like passwords ARE a form of security no matter how weak you feel it is. Things like "arbitrarily picking a port that has to be arbitrarily picked" is not since any port is arbitrary and there is nothing to overcome.
I thought we were talking about known ports.
Known ports are arbitrary as well, just the commonly used ones. Anything can be on any port. There are places you generally expect services to most likely be, that's like the door in the front of the house. Sure, that is more common than the side of the house. But it would be utterly ridiculous to say that having the door on the side and making an attacker "walk around" was a form of security. You would never say someone broke into your house based solely on the entrance having been on the side of it.
Well yes, officer, the door was wide open but the house was well secured, the open doorway didn't even face the main sidewalk!
See how silly that sounds?
-
@BRRABill said:
In our neighborhood, almost every week stuff is stolen from cars that are unlocked. They go around, see if it is locked, and go to the next one. They are not looking to make millions, just get the low hanging fruit.
Right, and port changing does nothing for this. People looking for low hanging fruit would never know that the port was changed. It presents zero challenge. It's not security in any sense of the word. The only thing it can do is negative by flagging you as a target that doesn't understand security. But even that is very unlikely as no one would notice.
Someone looking to see which doors are open on your house are not going to close their eyes and try blindly. They are going to look at the house to see where the door is. Same with trying to access a computer. They will look first before knocking. In which case, they already know where the port is before any attempt at entering it.
-
I guess I am thinking of people so rudimentary they are searching for known services on known ports.
Hmmm, is RDP open on this firewall? OK, let me take a look. Versus someone scanning all the ports, which is indeed what anyone would do.
-
@BRRABill said:
I guess I am thinking of people so rudimentary they are searching for known services on known ports.
That's not rudimentary, that's lazy. That's literally like saying that you want to break into a house but look and don't see the front door so move on because you assume that there isn't one. Um..... no.
-
@scottalanmiller said:
That's not rudimentary, that's lazy. That's literally like saying that you want to break into a house but look and don't see the front door so move on because you assume that there isn't one. Um..... no.
Sooooooooo in my car example, this would be the their being too lazy to even try the door?
-
@BRRABill said:
Hmmm, is RDP open on this firewall? OK, let me take a look. Versus someone scanning all the ports, which is indeed what anyone would do.
Yes, the first step is seeing what is open. That's the lowest hanging fruit, the easiest step. Once things respond you decide if you want to attack or not.
-
@BRRABill said:
@scottalanmiller said:
That's not rudimentary, that's lazy. That's literally like saying that you want to break into a house but look and don't see the front door so move on because you assume that there isn't one. Um..... no.
Sooooooooo in my car example, this would be the their being too lazy to even try the door?
RIght. It would be like painting the door handles the same colour as the rest of the car thinking that that would confuse someone into thinking that there was no way in.
-
@scottalanmiller said:
RIght. It would be like painting the door handles the same colour as the rest of the car thinking that that would confuse someone into thinking that there was no way in.
You never know with some of these thieves!
-
Security via obfuscation. I like it!