Quote:
Originally Posted by chaley
On the server I run for my family, I get 100s of probes per day.
|
I see a similar number when my FTP server is up on port 21, but I never seem to see probes on my Calibre port.
Quote:
Security by obscurity, which is what you are doing by picking a random port, can work rather well to hide known applications.
|
Exactly. It's not that obscurity is a strong defense; it's just that there are so many other tempting non-obscure targets. Why waste time?
Quote:
As for port scans, my server has been fully scanned more than once.
|
Interesting. That's what I wondered about. I haven't seen any complete scans. Occasionally I've seen some ranges scanned. Any thoughts on whether the script-kiddie tools can identify CherryPy/Calibre?
Quote:
Twice application-specific attacks on my server have succeeded
|
Were they running on a known port for that particular application? That's where I feel most vulnerable - installing an app that needs to run on a particular known port. If someone later finds a vulnerability in that app, and knows the port, scanning addresses isn't hard.
Quote:
The above notwithstanding, it would be very surprising if some random port (not below 8999!) on a particular home machine is probed by a tool that is smart enough to identify the software behind it. However, I have been surprised before, so I believe that a bit of constructive paranoia is called for, but not so much that I don't use my computers for what they are good for.
|
That's my attitude. I want access to my books, so I'm going to run the content server and protect it with reasonable methods.