> Just because security by obscurity is not a barrier you should lean on doesn't mean that it lacks value in combination with other measures.
Damn straight. Check out the DNS spoofing defences - using random ports to issue requests on. There's a known limit to port numbers, and you could probably circumvent it with massive amounts of traffic, but using an unknown port number makes it hard enough that performing that kind of attack is significantly more difficult.
Damn straight. Check out the DNS spoofing defences - using random ports to issue requests on. There's a known limit to port numbers, and you could probably circumvent it with massive amounts of traffic, but using an unknown port number makes it hard enough that performing that kind of attack is significantly more difficult.