(scalewithlee.substack.com)

601 points scalewithlee | 2 comments | 25 Apr 25 13:48 UTC | HN request time: 0.442s | source

Show context

Y_Y ◴[25 Apr 25 14:13 UTC] No.43793778[source]▶

Does it block `/etc//hosts` or `/etc/./hosts`? This is a ridiculous kind of whack-a-mole that's doomed to failure. The people who wrote these should realize that hackers are smarter and more determined than they are and you should only rely on proven security, like not executing untrusted input.

replies(6): >>43793862 #>>43793868 #>>43793954 #>>43794072 #>>43794473 #>>43802345 #

mystifyingpoi ◴[25 Apr 25 14:20 UTC] No.43793862[source]▶

>>43793778 #

No one expects any WAF to be a 100% solution that catches all exfiltration attempts ever, and it should not be treated this way. But having it is generally better than not having it.

replies(7): >>43793876 #>>43793969 #>>43794144 #>>43794428 #>>43795337 #>>43796158 #>>43796295 #

smallnix ◴[25 Apr 25 14:29 UTC] No.43793969[source]▶

>>43793862 #

Dropping 0.5% of requests will prevent even the most sophisticated attacks (think APT!). Sometimes.

replies(1): >>43794512 #

1. pyrale ◴[25 Apr 25 15:20 UTC] No.43794512[source]▶

>>43793969 #

Dropping 95% is even more secure, plus it lives the lucky few that get past it a sense of pride and exclusivity.

replies(1): >>43794827 #

2. Y_Y ◴[25 Apr 25 15:43 UTC] No.43794827[source]▶

>>43794512 (TP) #

Is that like a "sense of pride and accomplishment"?

https://knowyourmeme.com/memes/events/star-wars-battlefront-...

↑

Writing "/etc/hosts" breaks the Substack editor