Hey everyone!
I'm currently nose-deep into materiale about service enumeration and saw "False Positives: Service enumeration may sometimes produce false positives, leading to incorrect assumptions about the target's configuration. Ethical hackers should verify findings to avoid wasting time on false leads.".
What I'd like to know is this false lead could be beneficial for the security of the system to lead potential banner grabbers into the dark, or if it opens up to other vulnerabilities than if it's a true positive?(Not that anyone getting a true positive is a good thing though :P )
[link] [comments]
from hacking: security in practice https://ift.tt/0hdQUuv
Comments
Post a Comment