Any additional effort put in by an attacker will increase the chance of an
attack being detected before it is successful. COnsider the following two
scenerios.
Scenerio 1 is a webserver that makes no effort to obfuscate:
1. Attacker does HEAD request on /, which is a legitmate request, and
Not everyone attacking your systems is going to have the skills or knowledge to
get in though - simple tricks (like hiding what web server you use) can prevent
casual attacks from script kiddies and others who aren't committed to targeting
you, freeing your security teams to focus on the
2 matches
Mail list logo
