Update to BCP-38?

Mike Meredith mike.meredith at port.ac.uk
Wed Oct 9 08:30:53 UTC 2019


On Tue, 8 Oct 2019 13:59:58 +0000, Mark Collins
<mark.collins at mariestopes.org> may have written:
> Not everyone attacking your systems is going to have the skills or
> knowledge to get in though - simple tricks (like hiding what web server
> you use) can prevent casual attacks from script kiddies and others who
> aren't committed to targeting you, freeing your security teams to focus
> on the serious threats.

Er ... no. Not according to real world data (my firewall logs).

Most attacks are fully automated and they don't (always) bother with
complex logic to determine which attacks to try. For instance I constantly
see Apache Struts attacks against servers that a) may or may not be running
Apache (the headers are removed) b) definitely aren't running Struts.

In fact many attacks are sufficiently automated that the human behind the
scenes won't even know a system has been compromised if it doesn't
successfully pick up the second stage of the payload and 'phone home'.

-- 
Mike Meredith, University of Portsmouth
Chief Systems Engineer, Hostmaster, Security, and Timelord!
 