* * * * *
                                        
                      THE INFOCAPALYPSE IS NIGH UPON YOU!
                                        
I swear, I want to take a clue-by-four to some of these so-called “computer
network security consultants.”

One of our clients just received an audit from these people, and just like
last time [1] (although last time it was a different company), this audit
report is just as inane, if shorter (thankfully).

For instance, this lovely bit (not the full table):

Table: Attackers use a port scan to find out what programs are running on
your computer. Most programs have known security weaknesses. Disable any
unnecessary programs listed below.

Protocol   Port   Program   Status      Summary
---------  -----  --------  ----------  -------------------------------------
ICMP       Ping             Accepting   Your computer is answering ping
                                        requests. Hackers use Ping to scan the
                                        Internet to see if computers will
                                        answer. If your computer answers then
                                        a hacker will know your computer
                                        exists and your computer could become
                                        a hacker target. You should install a
                                        firewall or turn off Ping requests.

ICMP: Internet Control Message Protocol

Really?

Hackers can use ping to target my computer?

**THIS IS A XXXXXXX WEBSERVER YOU MORONS! DISABLING ping WON'T “HIDE” THIS
COMPUTER FROM HACKERS!**

**XXXXX XXXXXXX XXXXXX IS THIS STUPID!**

Okay.

I'm calming down now.

And to be fair, it may be that these so-called “computer network security
consultants” had no idea what the computer was tasked to do and erred on the
side of Armageddon [2].

But generally, I feel such reports are at best worthless and, at worst,
scaremongering tactics to extract a lot of money [3] (link picked at random)
for what you get, which is nothing more than a list of open ports that may
“help a hacker to gather information about what is running on this machine
and what kind of machine you have.” Have these people not heard that security
through obscurity doesn't work [4]? That if I have to hide what I'm actually
using, I've already lost? That a false sense of security is bad because you're
deluding yourself that you are safe?
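To make the point about ping concrete, here is an added example (mine, not code from the original post or from the audit report). A web server has to answer on its service port or it isn't a web server, so a plain TCP connect finds the machine whether or not it replies to ICMP echo; the same connect also reveals the one thing the scan report really contains, the server banner. The local web server, its “ExampleHTTPd” Server header and the probe ports are all constructed inside the script so it runs offline on the loopback interface.

```python
"""Host discovery without ICMP.

Constructed demo (not part of the original post): a throwaway HTTP
server on 127.0.0.1 stands in for the client's web server.  The probes
never send a ping; they only do what any browser does, a TCP connect.
"""
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer


class _QuietHandler(BaseHTTPRequestHandler):
    # Hypothetical banner, constructed for the demo; a real box would
    # leak "Apache/2.x" or similar here, ping or no ping.
    server_version = "ExampleHTTPd/1.0"

    def do_HEAD(self):
        self.send_response(200)
        self.end_headers()

    def log_message(self, *args):  # keep the demo output clean
        pass


def start_test_webserver():
    """Bind the stand-in web server to an ephemeral loopback port.
    Returns (server, port); call server.shutdown() when done."""
    srv = HTTPServer(("127.0.0.1", 0), _QuietHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, srv.server_address[1]


def unused_port():
    """Pick a loopback port nothing is listening on (bind to 0, read
    back the port, release it) so a 'closed' probe can be shown."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


def probe_tcp(host, port, timeout=1.0):
    """TCP connect probe.  'open' = handshake completed, 'closed' = the
    host sent RST, 'filtered' = nothing came back before the timeout
    (the only case a firewall 'hiding' a box actually produces)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:  # includes socket.timeout
        return "filtered"
    finally:
        s.close()


def grab_http_banner(host, port, timeout=1.0):
    """Send one HEAD request and return the Server header (or None).
    This is the 'what is running on this machine' a port scan yields."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(b"HEAD / HTTP/1.0\r\nHost: %s\r\n\r\n" % host.encode())
        data = b""
        while b"\r\n\r\n" not in data:
            chunk = s.recv(4096)
            if not chunk:
                break
            data += chunk
    for line in data.split(b"\r\n"):
        if line.lower().startswith(b"server:"):
            return line.split(b":", 1)[1].strip().decode()
    return None


def host_is_up(host, ports):
    """Ping-less host discovery: the host exists if any probed port
    answers at all.  A RST ('closed') is just as much an answer as a
    completed handshake; only an all-'filtered' host stays silent."""
    return any(probe_tcp(host, p) != "filtered" for p in ports)


if __name__ == "__main__":
    srv, port = start_test_webserver()
    for p in (port, unused_port()):
        print(f"port {p}: {probe_tcp('127.0.0.1', p)}")
    print("banner:", grab_http_banner("127.0.0.1", port))
    print("host up, no ICMP sent:", host_is_up("127.0.0.1", [port]))
    srv.shutdown()
    srv.server_close()
```

This is what `nmap -Pn` does for real: skip the ping sweep entirely and treat a host as alive if any port replies. Turning off ICMP echo on a public web server changes nothing except that the auditor's own ping-based checkbox goes green.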

Sheesh.

In fact, the entire report can be boiled down to:

> We found a computer at this IP (Internet Protocol) address. This is bad
> because then “hackers” can break into the computer and do bad “hacker”
> things. Cut the network cable, yank the power cord, smash the computer to
> bits, embed in concrete, dump into the middle of the Pacific ocean, and
> nuke the site from orbit, just to make sure everything is secure.

[1] gopher://gopher.conman.org/0Phlog:2005/12/21.1
[2] http://en.wikipedia.org/wiki/Armageddon
[3] https://www.securitymetrics.com/pricelist.adp
[4] http://slashdot.org/features/980720/0819202.shtml

Email author at sean@conman.org