nanog mailing list archives
RE: Update to BCP-38?
From: "Keith Medcalf" <kmedcalf () dessus com>
Date: Tue, 08 Oct 2019 10:19:40 -0600
Not everyone attacking your systems is going to have the skills or knowledge to get in though - simple tricks (like hiding what web server you use) can prevent casual attacks from script kiddies and others who aren't committed to targeting you, freeing your security teams to focus on the serious threats.
And this is based on what evidence? It also defies logic. By definition script-kiddies run scripts. If you remove the identification those scripts can no longer identify what is running, and therefore will continue to attack it. What would be useful is to replace that with alternative "disinformation" headers so that the script-kiddies scripts will get a positive result, but that result will not be what they are looking for, so they will go away. Until having disinformation headers gets the same "old wives tale" status as "remove the identifying headers". At which point either course of either action is a waste of effort and $$$ because the script-kiddies will just ignore it as it will be just as cost effective to run the exploit and see what happens. In other words, simple tricks are exactly that. They usually do exactly the opposite of what the "simple tricker" thought they were doing, or do nothing useful at all. Which means that effort and $$$ have been expended at best on a useless endeavour, and at worst one which increased the very activity it was designed to thwart. One would have been far better off putting the $$$ in the slush-fund and using it when some particularly persistent script-kiddie showed up so you could afford to add a filter to the firewall. -- The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume.
Current thread:
- Re: Update to BCP-38?, (continued)
- Re: Update to BCP-38? Fred Baker (Oct 03)
- Re: Update to BCP-38? Stephen Satchell (Oct 03)
- Re: Update to BCP-38? Fred Baker (Oct 03)
- RE: Update to BCP-38? Keith Medcalf (Oct 03)
- Re: Update to BCP-38? Valdis Klētnieks (Oct 03)
- Re: Update to BCP-38? William Herrin (Oct 04)
- RE: Update to BCP-38? Keith Medcalf (Oct 04)
- Re: Update to BCP-38? Mike Meredith via NANOG (Oct 08)
- Re: Update to BCP-38? Rich Kulawiec (Oct 08)
- RE: Update to BCP-38? Mark Collins (Oct 08)
- RE: Update to BCP-38? Keith Medcalf (Oct 08)
- Re: Update to BCP-38? Mike Meredith via NANOG (Oct 09)
- Re: Update to BCP-38? William Herrin (Oct 08)
- RE: Update to BCP-38? Keith Medcalf (Oct 08)
- Re: Update to BCP-38? Valdis Klētnieks (Oct 08)
- Re: Update to BCP-38? Mark Collins (Oct 10)
- RE: Update to BCP-38? Keith Medcalf (Oct 08)
- Re: Update to BCP-38? Rich Kulawiec (Oct 09)
- Re: Update to BCP-38? Fred Baker (Oct 03)
- Re: Update to BCP-38? Stephen Satchell (Oct 03)
- Re: Update to BCP-38? Fred Baker (Oct 03)