Update to BCP-38?

• Previous message (by thread): Update to BCP-38?
• Next message (by thread): Update to BCP-38?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 08 Oct 2019 11:53:33 -0600, "Keith Medcalf" said:

> So while the cost of doing the thing may be near-zero, it is not zero.

And in fact, there's more than just the costs of doing it. There's also the costs
of having done it.

Obfuscating your OpenSSH versions is a *really* good way to make your security
scanners that flag backleveled systems fail to flag the systems.

Which can cause a really uncomfortable conversation with the CIO about why the
local newspaper's front page is running a story about how your organization got
totally pwned via a backleveled OpenSSH on one cluster of 5 servers.....

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20191008/3685c740/attachment.sig>

• Previous message (by thread): Update to BCP-38?
• Next message (by thread): Update to BCP-38?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]