Jul 11, 2017

Why excessive headers are bad

  • They expose what version of software is running on the server, reducing the work an attacker needs to do before trying to attack the system.
  • Headers are the same for a normal user and an attacker, so a long, known string of characters in an encrypted data stream might aid an attacker in cracking open another user's encrypted TLS connection.
  • They are a general waste of bandwidth and processing power.
