Security Basics
Not my servers; I usually see things post-incident on others' systems.
As with anything, you have to weigh the options; certainly not every option fits every need or configuration. I have seen servers not hardened, sometimes not even patched, just because they were behind a firewall and they thought that would protect them.
Respectfully,
Dave Kleiman - http://www.ComputerForensicsLLC.com - http://www.DaveKleiman.com
4371 Northlake Blvd #314
Palm Beach Gardens, FL 33410
561.310.8801
-----Original Message-----
From: Tracy Reed [mailto:treed (at) ultraviolet (dot) org]
Sent: Friday, June 22, 2012 17:54
To: Dave Kleiman
Cc: security-basics (at) securityfocus (dot) com
Subject: Re: server security
On Fri, Jun 22, 2012 at 02:30:01PM PDT, Dave Kleiman spake thusly:
> I know I have seen a plethora of 3389 automated scans and upon
> successful connection, attempted password attacks, what would happen
> if I changed to some other port?
Why isn't there a firewall restricting who can connect to your db server?
Why aren't you requiring something better than just password auth?
You change the default port but you don't implement these far more effective controls?
> Sometimes security through obscurity does work. I am certainly not
> suggesting it would protect you from an Advanced Persistent Threat,
> but every little layer of security affords a little protection, deterrence, or delay.
It sets a bad precedent and doesn't scale when you have to worry about changing the default ports on a bunch of database servers and apps. Many "little layers of security" just aren't worth it.
--
Tracy Reed