196
submitted 11 months ago by Dio9sys@lemmy.blahaj.zone to c/asklemmy@lemmy.ml
you are viewing a single comment's thread
view the rest of the comments
[-] boatswain@infosec.pub 15 points 11 months ago

I see this claim all the time, and it bugs me every time. Obfuscation is a perfectly reasonable part of a defense in depth solution. That's why you configure your error messages on production systems to give very generic error messages instead of the dev-centric messages with stack traces on lower environments, for example.

The problem comes when obscurity is your only defense. It's not a full remediation on its own, but it has a part in defense in depth.

[-] dan@upvote.au 7 points 11 months ago

Changing the port isn't really much obfuscation though. It doesn't take long to scan all ports for the entire IPv4 range (see masscan)

[-] lud@lemm.ee 5 points 11 months ago

It helps against stupid automated attacks though.

If someone has changed the port it's likely that they have set up a great password or disabled password auth all together.

It's worth it for just having cleaner logs and fewer attempts.

[-] dan@upvote.au 3 points 11 months ago

It’s worth it for just having cleaner logs

Those logs are useful to know which IPs to permanently block :)

[-] peter@feddit.uk 2 points 11 months ago

Technically a password is obfuscation anyway

this post was submitted on 14 Dec 2023
196 points (98.0% liked)

Asklemmy

43939 readers
466 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS