Hacker News new | past | comments | ask | show | jobs | submit login

Why would they only care about that if they're trying to hack into a system?



Unless they are specifically targeting that system my assumption would be that they are just looking for open ports for known services, then if found checking if exploits work or not, and if not move on. I could very well be wrong but from a practical standpoint I can’t imagine this service mattering to someone that is running a program to scan for open ports with vulnerabilities.


I might just be regurgitating the article, but isn't the point that it can massively increase the time and effort it takes to scan a system for valid vulnerabilities?


What I’m saying though is that if I were running a script like this, unless I’m targeting a specific ip, I would just be scanning known ports for known vulnerabilities. I wouldn’t be scanning every single port.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: