>Why would you think it's in milliseconds? Are you generalising on port scanning?
I am, since that seems to be the primary example used in the original article and the main example being discussed in the comments.
I think that's fair, since obscurity does the most to help against non-persistent threats. Persistent threats have targeted you for some reason, and that targeting means they are willing to employ more resources to get through your security. In that situation you should be focusing on adding as many layers of security that you know have protections besides just 'not being known' as you can, especially when there are tools out there that are specific in helping make them known.
I am, since that seems to be the primary example used in the original article and the main example being discussed in the comments.
I think that's fair, since obscurity does the most to help against non-persistent threats. Persistent threats have targeted you for some reason, and that targeting means they are willing to employ more resources to get through your security. In that situation you should be focusing on adding as many layers of security that you know have protections besides just 'not being known' as you can, especially when there are tools out there that are specific in helping make them known.