Porteus

The purpose of Security through obscurity (eg. a network tarpit and/or port spoofing) is to waste the resources of an attacker.
If deployed as part of a larger IT defensive strategy it's objective is to discourage (NOT prevent) successful attacks.

The link below presents a classic example of Security through obscurity ...
http://linuxlookup.com/howto/change_default_ssh_port

Port spoofing is NOT a panacea. It is simply a tactic that is part of a larger toolkit (see... Intrusion detection system ).

Philosopher Mode: "On"

Here are a few ways to look @ defensive tactics...

- Niccolò Machiavelli ... (" The Prince")

"Every one sees what you appear to be, few really know what you are"

"Appearance" in this case means an IT... Black hole .

- Carl von Clausewitz ... (" On War ")

"Cunning implies secret purpose. . . . It is itself a form of deceit. . . .
No human characteristic appears so suited to the task of directing and inspiring strategy. . . . "

"Cunning" in this this case suggests if the intruder's attacks are clever... the system defenses should be too.

- Yagyū Munenori ... (" A Hereditary Book on the Art of War ")

It is hard to be impossible for others to cut down.

"Impossible" in this case simply means... to have a IT contingency plan that is muscular enough to discourage (NOT stop) even the most brazen attacker.

PREFACE:
There is a prevailing mindset some have that... IT "security" (or any kind) is some sort of magic wand.
In reality... "security" is a mosaic of defensive tactics employed to address (NOT prevent) disaster.

In "security" there are NO guarantees only tactics... (eg. Chess tactic ) Chess is used
as an example because AI ("gaming") forms the basis of modern warfare technology.



Posted by 73.112.17.71 via http://webwarper.net
This is added while posting a message to avoid misusing the service

I find this thread nonsensical and therefore useless. You open with a philosophical quote, then link to a chess tactic and finally close with a link to change your default ssh port, none of which has anything at all to do with security through obscurity. I was hoping for an interesting read.

If you made a mistake and left something out then add it otherwise I will remove this post in 2 days.

Ok... I see you are referring to context.

Security through obscurity is the idea that as a tactic ... spoofing attackers is a valuable tool.

The "interesting" part is... if incorporated as part of a comprehensive security strategy
(eg. "opt in" firewall) it becomes part of a aggressive deterrent against attacks.

I for one... have "baked in" approaches like this one (and others) in my soon to be released derivative (subversion?).

@ brokenman ... Jay I'm multitasking a lot lately (resolving real life issues) so concentration is in short supply. No worries... the thread is edited.

Regards... (David)