[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-taxii] Questioning the wisdom of using DNS SRV records for TAXII 2.0 Discovery
On 30.10.2015 21:02:52, Terry MacDonald wrote: > > · Security through Obscurity is not a security control > True, but let's not conflate security through obscurity with good opsec: * If I hash all my system passwords using ROT13, that's security through obscurity. * If I don't publicly advertise the location of the server holding the password hashes, that's operational security. * If I keep a spare key hidden in a fake rock by my front door, that's security through obscurity. * If I don't publicly advertise where I live or do a Foursquare check-in while traveling on business, that's operational security. Now it may well be that in the case of using DNS SRV records to support TAXII Discovery on the public internet, the benefits outweigh the risks. My intent was not to kill the proposal but rather to highlight an implicit risk and debate the question. -- Cheers, Trey -- Trey Darley Senior Security Engineer 4DAA 0A88 34BC 27C9 FD2B A97E D3C6 5C74 0FB7 E430 Soltra | An FS-ISAC & DTCC Company www.soltra.com -- "Every old idea will be proposed again with a different name and a different presentation, regardless of whether it works." --RFC 1925
Attachment:
signature.asc
Description: PGP signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]