alt Hacker NewsIf port numbers were 64bit or 128bit, actually it would provide a meaningful amount of security through obscurity. Port numbers are easy to dunk on because it’s such a trivially small search space.
Replies
gavmor • yesterday at 9:24 PM
But at this point, that's like saying my password is merely 'obscure.'
i_think_so • yesterday at 8:27 PM
Good luck scanning 64k ports on a server that has a few randomly assigned fail2ban listeners.
Similarly I've often flip-flopped on the safety of public API endpoints that are "protected" by virtue of no sitemap + UUIDs in the URL path - I think the answer ultimately is that this is fine so long as there's no way to enumerate the IDs in use?