All of the details of the designs and implementations are publicly available.
* Disregarding real-world details such as lock picks and lock models that are keyed alike.

Security Through Obscurity (STO) is a controversial topic within the infosec community. It is commonly based on the premise that the secrecy of specific details or functions of a system can ensure security. As such, many cybersecurity professionals frown on the idea of implementing Security Through Obscurity because it is a "Bad" practice. Basing their conclusion on the premise previously mentioned, they aren't wrong; however, that's just half the picture. Let's explore this concept in its entirety to expose the good, the bad, and the ugly.

What Exactly is Security Through Obscurity (STO)?

Simply put, Security Through Obscurity is based primarily on hiding vital information and enforcing secrecy as the primary security technique. Generally, when implementing STO, it is assumed that, as long as attackers lack information about the system's internal design, they will not get at its vulnerabilities. While the assumption is not entirely inaccurate, there are a few things you should take into consideration.

Used along with other security mechanisms, such as TCP Wrappers, proper firewalling, IP-based restrictions, and 2FA, Security Through Obscurity can be a very efficient way to reduce the chances of an attack. How? Well, for starters, it slows one of the most critical phases of the hacking methodology: reconnaissance. Reconnaissance, or recon for short, is the phase of the hacking methodology in which the attacker sets out to learn as much as possible about the target system in an attempt to launch an effective attack. Implementing STO slows this process down, potentially deterring non-APTs from following through with an attack.

Information such as banner information, default configuration settings, and default system reactions is hidden or altered when using STO to throw attackers off. For example, you can remove banner information, such as the webserver version number (e.g., nginx 1.6.1) or the version number and name of the software running on the webserver (e.g., WordPress 5.6). Another example would be to change default ports for services such as SSH. SSH is known to run on port 22, but what if you change that operation port to 65822? Again, bear in mind that these tactics might only slow the recon and the exploitation phase, so beware of the bad and the ugly.

Coupled with your intrusion detection and prevention system (IDS), using STO techniques could allow for early detection of ongoing attacks. How? Suppose an attacker seeks to forgo the recon phase because of the lack of information available and decides to execute a Hail Mary Attack, well.
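An added example, not part of the original article: one way the relocated SSH port can feed early detection. With SSH moved to 65822 as the article describes, nothing legitimate should connect to port 22, so the code below classifies sources from constructed netfilter-style log lines; the log layout, IP addresses, and verdict names are assumptions.

```python
import re
from collections import defaultdict

REAL_SSH_PORT = 65822   # relocated SSH port used in the article
DECOY_PORTS = {22}      # default port; no service listens here any more

# Constructed sample lines in the netfilter LOG style (documentation-range IPs).
SAMPLE_LOG = """\
Jan 10 03:14:07 host kernel: IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=40112 DPT=22 SYN
Jan 10 03:14:08 host kernel: IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP SPT=40113 DPT=22 SYN
Jan 10 03:15:30 host kernel: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP SPT=51500 DPT=65822 SYN
Jan 10 03:16:02 host kernel: IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.10 PROTO=TCP SPT=33001 DPT=22 SYN
Jan 10 03:16:05 host kernel: IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.10 PROTO=TCP SPT=33002 DPT=65822 SYN
Jan 10 03:17:00 host kernel: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 PROTO=UDP SPT=5353 DPT=22
"""

FIELD = re.compile(r"\b(SRC|PROTO|DPT)=(\S+)")

def classify_sources(log_text):
    """Map each source IP to a verdict based on inbound TCP SYNs."""
    decoy, real = defaultdict(int), defaultdict(int)
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        dpt = f.get("DPT", "")
        if f.get("PROTO") != "TCP" or "SYN" not in line.split():
            continue  # only connection attempts over TCP are of interest
        if "SRC" not in f or not dpt.isdigit():
            continue  # malformed line: skip rather than guess
        if int(dpt) in DECOY_PORTS:
            decoy[f["SRC"]] += 1
        elif int(dpt) == REAL_SSH_PORT:
            real[f["SRC"]] += 1
    verdicts = {}
    for src in set(decoy) | set(real):
        if decoy[src] and real[src]:
            verdicts[src] = "probe-then-found"  # tried the default, then located the service
        elif decoy[src]:
            verdicts[src] = "blind-probe"       # assumed the default port
        else:
            verdicts[src] = "real-port-only"    # knew the port; not proof of legitimacy
    return verdicts

if __name__ == "__main__":
    for src, verdict in sorted(classify_sources(SAMPLE_LOG).items()):
        print(src, verdict)
```

A source marked "real-port-only" still has to pass authentication and the other controls the article lists; the relocated port only supplies the signal, it does not protect the service.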