Those of you that have taken our vSphere Ultimate Bootcamp, know what great lengths we Read more →
IT Blog
About the Author
Colin Weaver is co-owner and lead instructor at ITdojo, Inc., a network security and information assurance training center and consulting firm located in Virginia Beach, VA. His passion for technology, networks, and security has led him to become enthralled with the idea of IPv6 and its implementation. In this blog he will share with you glimpses of what he has learned and a hint at what you’ll learn in his classes.
Security Through Obscurity
Posted by: Admin | Posted on: December 30th, 2011 | 0 Comments
The effectiveness of Security through Obscurity is closely related to the knowledge (or lack thereof) of the attacker. If someone is unaware of how a particular technology works, the data is obscured by the nature of the technology. Once some understanding is had by your adversary, however, the security vanishes.
Some examples are:
1. Not broadcasting your WLAN SSID. Or, if you do broadcast iy, setting it to something silly (though comical) like OUTOFRANGE or UNAVAILABLE or ERROR.
2. Using Port Security or MAC Filtering as the sole mechanism for controlling access to your network.
3. Hiding files in obscure file system directory structures because “nobody will find them there”
4. Using older/seldom used wireless technologies to transmit data (HomeRF, OpenAir, etc.).
5. Setting your computer name to something obscure like UNKNOWN unwitting users misinterpret the output.
Examples like #1 and #5 are meant to be tongue-in-cheek offerings in class.
Hopefully nobody would ever consider them to be valid efforts at security…
Leave a Comment