nanog mailing list archives

Re: Suggestions for the future on your web site: (was cookies, and before that Re: Dreamhost hijacking my prefix...)

From: Jean-Francois Mezei <jfmezei_nanog () vaxination ca>
Date: Thu, 24 Jan 2013 16:43:47 -0500

On 13-01-24 13:52, George Herbert wrote:

It's true that relying on the laziness of attackers is statistically
useful, but as soon as one becomes an interesting enough target that
the professionals aim, then professional grade tools (which walz
through captchas more effectively than normal users can, by far) make
them useless.



This is true. However, if CAPTCHAS stop the bulk of casual hacking
attempts because the simple hacking scripts just flag that site as not
worth the effort and move onto the next, then the site manager has to
deal with far fewer true hacking attempts (those which are determined to
get in or hurt your web site).

It is better to have a tent with holes in the screen door than no screen
door. If the damaged screen door still prevents 90% of mosquitoes from
getting in, it does let you chase down and kill those that do get in.

Just because a security technique is not bullet proof does not mean it
isn't useful.

Current thread:

Re: Suggestions for the future on your web site: (was cookies, and, (continued)
- - - Re: Suggestions for the future on your web site: (was cookies, and Andrew Sullivan (Jan 24)
    - Re: Suggestions for the future on your web site: (was cookies, and Mike A (Jan 24)
    - Re: Suggestions for the future on your web site: (was cookies, and Joe Greco (Jan 24)
    - Re: Suggestions for the future on your web site: (was cookies, and David Barak (Jan 24)
    - Re: Suggestions for the future on your web site: (was cookies, and Rich Kulawiec (Jan 25)
    - Re: Suggestions for the future on your web site: (was cookies, and Joe Greco (Jan 25)
    - Re: Suggestions for the future on your web site: (was cookies, and Michael Thomas (Jan 26)
    - Re: Suggestions for the future on your web site: (was cookies, and Jimmy Hess (Jan 26)
    - Re: Suggestions for the future on your web site: (was cookies, and Jean-Francois Mezei (Jan 30)
    - Re: Suggestions for the future on your web site: (was cookies, and before that Re: Dreamhost hijacking my prefix...) George Herbert (Jan 24)
    - Re: Suggestions for the future on your web site: (was cookies, and before that Re: Dreamhost hijacking my prefix...) Jean-Francois Mezei (Jan 24)
    - Re: Suggestions for the future on your web site: (was cookies, and before that Re: Dreamhost hijacking my prefix...) Andrew Sullivan (Jan 24)
    - Re: Suggestions for the future on your web site: (was cookies, and Joe Greco (Jan 24)
    - Re: Suggestions for the future on your web site: (was cookies, and . (Jan 25)
    - Re: Suggestions for the future on your web site: (was cookies, and before that Re: Dreamhost hijacking my prefix...) Scott Howard (Jan 24)
    - Re: Suggestions for the future on your web site: (was cookies, and before that Re: Dreamhost hijacking my prefix...) Jimmy Hess (Jan 24)
    - Re: Suggestions for the future on your web site: (was cookies, and before that Re: Dreamhost hijacking my prefix...) . (Jan 21)
    - Re: Suggestions for the future on your web site: (was cookies, and before that Re: Dreamhost hijacking my prefix...) . (Jan 21)
- Re: Suggestions for the future on your web site: (was cookies, and before that Re: Dreamhost hijacking my prefix...) Scott Weeks (Jan 21)
  - Re: Suggestions for the future on your web site: (was cookies, and before that Re: Dreamhost hijacking my prefix...) Jean-Francois Mezei (Jan 21)
    - Re: Security reporting response handling [was: Suggestions for the future on your web site] Matt Palmer (Jan 22)

(Thread continues...)