Rule 1: Security Through Obscurity Doesn't Work

As they say in the movies, you can run but you can't hide. You may think that you're running an obscure UNIX-based web server that no one would dream of breaking into, but your obscurity is no protection in an era when thousands of malicious little punks have access to powerful network scanning tools which may discover your system and its vulnerabilities. You may think that you're hiding critical data by burying it several directories deep, but you'd be wrong given the powerful search facilities built into UNIX. A software or hardware vendor might realize that a hole exists in their offering but ship it anyway, thinking that no one will find it. These kinds of holes are discovered all the time.

At best, security through obscurity can provide temporary protection. But never be lulled by it -- with modest effort and time, secrets can be discovered. As Deep Throat points out on X-Files: "There's always someone watching."
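The point about burying data several directories deep can be checked on your own system. The following is an added example, not from the book: it audits a tree for files that other users can read at any depth, and shows that permission bits, not depth, decide exposure. The function names, the sample tree and the file name `payroll.txt` are constructed for illustration.

```shell
#!/bin/sh
# Added example: directory depth is not access control; mode bits are.
# All paths and file names below are constructed sample data.

# Print regular files under $1 that "other" users can read, at any depth.
# Directories without the o+x (search) bit are pruned, since they block
# access to everything beneath them no matter what the file modes say.
exposed_files() {
    find "$1" -type d ! -perm -o=x -prune -o -type f -perm -o=r -print
}

# Build a sample tree with a "hidden" file buried five levels deep and
# print the tree's root directory.
build_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/a/b/c/d/e"
    echo "constructed secret" > "$root/a/b/c/d/e/payroll.txt"
    chmod -R u=rwX,go=rX "$root"    # dirs 755, file 644: typical defaults
    echo "$root"
}

tree=$(build_sample_tree)
echo "Before: exposed despite the depth:"
exposed_files "$tree"

chmod 600 "$tree/a/b/c/d/e/payroll.txt"    # the actual control
echo "After chmod 600: nothing reported:"
exposed_files "$tree"
rm -rf "$tree"
```

Point `exposed_files` at a real directory such as a web root or a home directory to list what is readable by every local account.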

Excerpt from Unix System Security Tools by Seth T. Ross
Copyright © 1999 by The McGraw-Hill Companies. Used with permission.
HTML Copyright © 1999





Copyright © 1990-2006 and Seth T. Ross