[<prev] [next>] [<thread-prev] [month] [year] [list]
From: smcmahon at eiv.com (Shawn McMahon)
Subject: Re: CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass
On Mon, Jun 02, 2003 at 03:36:52PM -0500, Brent J. Nordquist said:
>
> LOL, oops. Someone pointed out to me a while back that RFC 2606 reserves
> "example.com" "example.org" and "example.net" for this kind of purpose.
Even barring such considerations as DNS poisoning, wags at ICANN setting
up SMTP servers, etc., it still doesn't strike me as optimal to have
thousands of machines attempting constant SMTP connections to
192.0.34.166 just because an RFC mentioned it was possible.
--
Shawn McMahon | Let every nation know, whether it wishes us well or ill,
EIV Consulting | that we shall pay any price, bear any burden, meet any
UNIX and Linux | hardship, support any friend, oppose any foe, to assure
http://www.eiv.com| the survival and the success of liberty. - JFK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030604/3d36c430/attachment.bin
Hosted by DataForce ISP -
Powered by Openwall GNU/*/Linux