Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 04 Dec 2000 22:34:23 -0700
From:      Warner Losh <imp@village.org>
To:        Alfred Perlstein <alfred@FreeBSD.ORG>
Cc:        security@FreeBSD.ORG
Subject:   Re: NAPTHA/RAZOR response. 
Message-ID:  <200012050534.WAA67175@harmony.village.org>
In-Reply-To: Your message of "Mon, 04 Dec 2000 17:25:07 PST." <20001204172505.D8051@fw.wintelcom.net> 
References:  <20001204172505.D8051@fw.wintelcom.net>  

next in thread | previous in thread | raw e-mail | index | archive | help
In message <20001204172505.D8051@fw.wintelcom.net> Alfred Perlstein writes:
: Ok, I can't believe what a bunch of hosers these RAZOR/bindview
: guys are, thier "advisory" is nothing new, there was a news article
: about 3 years ago talking about this problem, all that RAZOR seems
: to have done is find a pretty lame and broken way of spoofing the
: source of the attack which doesn't really work. (it's trivial to
: find the source of the attack)

Yes.  We pointed that out to them when they first sent us the attack.
It just pulled together some interesting tricks that had been floating
around for a while.  The arp poisoning was particularly interesting,
but requires a machine on the same ethernet segment to be compromised.
But I never got a response to these points....

But with enough DDoS boxes, this can present a problem...

Warner



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200012050534.WAA67175>