Date: Mon, 4 Dec 2000 22:17:41 -0800 From: Alfred Perlstein <alfred@FreeBSD.ORG> To: Warner Losh <imp@village.org> Cc: security@FreeBSD.ORG Subject: Re: NAPTHA/RAZOR response. Message-ID: <20001204221741.G8051@fw.wintelcom.net> In-Reply-To: <200012050534.WAA67175@harmony.village.org>; from imp@village.org on Mon, Dec 04, 2000 at 10:34:23PM -0700 References: <20001204172505.D8051@fw.wintelcom.net> <200012050534.WAA67175@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
* Warner Losh <imp@village.org> [001204 22:05] wrote: > In message <20001204172505.D8051@fw.wintelcom.net> Alfred Perlstein writes: > : Ok, I can't believe what a bunch of hosers these RAZOR/bindview > : guys are, thier "advisory" is nothing new, there was a news article > : about 3 years ago talking about this problem, all that RAZOR seems > : to have done is find a pretty lame and broken way of spoofing the > : source of the attack which doesn't really work. (it's trivial to > : find the source of the attack) > > Yes. We pointed that out to them when they first sent us the attack. > It just pulled together some interesting tricks that had been floating > around for a while. The arp poisoning was particularly interesting, > but requires a machine on the same ethernet segment to be compromised. > But I never got a response to these points.... > > But with enough DDoS boxes, this can present a problem... Honestly I had been sitting on the "response" sploit for about a week or so. I had already heard that they were going to release something like this and sent something like it to the person that informed me. Anyhow, after a week I thought that they realized how lame the advisory was and weren't going to release it, but some people... -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001204221741.G8051>