Identify web defensive services
Detectable by Common Defenses (Yes/No/Partial): Yes
Explanation: Active service detection may trigger an alert. Passive service enumeration is not detected.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Adversary can passively detect services (e.g., [https://www.cloudflare.com/ CloudFlare] routing) or actively detect services (e.g., by purposefully tripping security defenses)
- Paulino Calderon. (n.d.). http-waf-detect. Retrieved April 2, 2017.