OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: [suse-security] strange ftp-scan
From: Roman Drahtmueller (drahtsuse.de)
Date: Sat Oct 07 2000 - 17:34:36 CDT

>
> That is so utterly stupid. Most script kiddie attacks I have seen don't even
> bother to be subtle at all, they just use the shotgun approach, taking an
> exploit and pointing it at machines until they get in. Hiding version info
> is pretty damn useless.
> Kurt Seifried - seifriedsecurityportal.com

I agree. Security by obscurity doesn't help - in the contrary: It shows
the attacker the level of experience to some degree. You should easily be
able to recognize an MTA just by its reaction to some teasing and bugging.

The other way around is very funny, though. (do as if you have a
vulnerable version and watch the hx0r5 wasting their time...)

Roman. 

-- 
 -                                                                      -
| Roman Drahtmüller      <drahtsuse.de> //          "Caution: Cape does |
  SuSE GmbH - Security           Phone: //       not enable user to fly."
| Nürnberg, Germany     +49-911-740530 // (Batman Costume warning label) |
 -                                                                      -

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com