Another example would be to change default ports for services such as SSH for example.
#Security via obscurity software#
Information such as banner information, default configuration settings, and default system reactions are hidden or altered when using STO to throw attackers off.įor example, removing banner information, such as the webserver version number (e.g., nginx 1.6.1) or the version number and name of the software running on the webserver (e.g., WordPress 5.6). Having implemented STO would have slowed this process down, potentially deterring non APTs from following through with an attack. Reconnaissance or recon for short is a phase of the hacking methodology where the attacker sets out to learn as much information about the target system in an attempt to launch an effective attack.
How? Well, for starters, it slows one of the most critical phases of the hacking methodology - Reconnaissance. Used along with other security mechanisms, such as TCP Wrappers, proper firewalling, IP-based restrictions, 2FA, Security Through Obscurity can be a very efficient way to reduce the chances of an attack.
While the assumption is not entirely inaccurate, there are a few things you should take into consideration. Generally, when implementing STO, it is assumed that, as long as attackers lack information about the system's internal design, they will not get at its vulnerabilities. Simply put, Security Through Obscurity is based primarily on hiding vital information and enforcing secrecy as the primary security technique. What Exactly is Security Through Obscurity (STO)? Let's explore this concept in its entirety to expose the good, the bad, and the ugly. Basing their conclusion on the premise previously mentioned, they aren't wrong however, that's just half the picture. As such, many cybersecurity professionals frown on the idea of implementing Security through obscurity because it is a "Bad" practice. It is commonly based on the premise that the secrecy of specific details or functions of a system can ensure Security. Security through diversity can make a system harder to target and can be inherently more secure than a well-known monolithic solution.Security Through Obscurity (STO) is a controversial topic within the infosec community. This approach involves using a combination of piecemeal components. Security through diversity can also be effective. Similarly, security through obsolescence relies on the fact that programs that are no longer used are less likely to be exploited because few are familiar with coding for them- let alone exploiting their code. That approach relies on the knowledge that hackers looking for vulnerabilities to exploit typically seek commonly-used software to maximize sales of malware and hacking scripts and increase the number of computers they can reach.
#Security via obscurity code#
Security through minority is a subcategory of STO that is based on code that is infrequently used. Used to bolster more effective approaches such as security by design, security through obscurity can add another layer of protection. The approach can be effective in combination with other measures but STO on its own is deprecated. Security through obscurity is often achieved by developing code in secret, protecting it from unauthorized access and maintaining the software’s proprietary closed source status. Security through obscurity (STO) is reliance upon secrecy in software development to minimize the chance that weaknesses may be detected and targeted.
0 kommentar(er)
