Suggestions for the future on your web site: (was cookies, and before that Re: Dreamhost hijacking my prefix...)

Jean-Francois Mezei jfmezei_nanog at vaxination.ca
Thu Jan 24 21:43:47 UTC 2013


On 13-01-24 13:52, George Herbert wrote:

> It's true that relying on the laziness of attackers is statistically
> useful, but as soon as one becomes an interesting enough target that
> the professionals aim, then professional grade tools (which walz
> through captchas more effectively than normal users can, by far) make
> them useless.


This is true. However, if CAPTCHAS stop the bulk of casual hacking
attempts because the simple hacking scripts just flag that site as not
worth the effort and move onto the next, then the site manager has to
deal with far fewer true hacking attempts (those which are determined to
get in or hurt your web site).

It is better to have a tent with holes in the screen door than no screen
door. If the damaged screen door still prevents 90% of mosquitoes from
getting in, it does let you chase down and kill those that do get in.

Just because a security technique is not bullet proof does not mean it
isn't useful.



More information about the NANOG mailing list