nanog mailing list archives

Re: Update to BCP-38?


From: Mike Meredith via NANOG <nanog () nanog org>
Date: Wed, 9 Oct 2019 09:30:53 +0100

On Tue, 8 Oct 2019 13:59:58 +0000, Mark Collins
<mark.collins () mariestopes org> may have written:
> Not everyone attacking your systems is going to have the skills or
> knowledge to get in though - simple tricks (like hiding what web server
> you use) can prevent casual attacks from script kiddies and others who
> aren't committed to targeting you, freeing your security teams to focus
> on the serious threats.

Er ... no. Not according to real world data (my firewall logs).

Most attacks are fully automated and they don't (always) bother with
complex logic to determine which attacks to try. For instance I constantly
see Apache Struts attacks against servers that a) may or may not be running
Apache (the headers are removed) b) definitely aren't running Struts.

In fact many attacks are sufficiently automated that the human behind the
scenes won't even know a system has been compromised if it doesn't
successfully pick up the second stage of the payload and 'phone home'.

-- 
Mike Meredith, University of Portsmouth
Chief Systems Engineer, Hostmaster, Security, and Timelord!
 
