| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: smacdougall at idanalytics.com (MacDougall, Shane) Subject: Veriscum badness... Hmmm, couldn't somebody so motivated create a distributed tool that generates tons o' requests to random fake addresses? This would effectively cause a de facto DOS attack on Veriscum, but I'm not sure if it would be prosecutable since no actual site was being targeted... After all, if you happen to hit fakesites1.com, fakesites2.com, fakesites3.com, etc etc. who would be the affected party? The sites don't exist - there's no sysadmin scrambling to block the traffic, there's no hardware being hammered (directly at least). I don't think Veriscum would have a case because the requests weren't aimed at Veriscum or any of their subsidiaries... Just because they decided to point unresolved URLs to their site unilaterally doesn't seem to me to be basis enough for a complaint. Of course I could be (and often am) wrong. Just wondering... =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Shane MacDougall Lead Security Officer ID Analytics San Diego, California USA Direct: (858) 427-2860 Toll Free: 866-240-4484 x 2860 Fax: 858-427-2899
Powered by blists - more mailing lists