| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 20 Sep 2007 23:07:34 +0530 From: "Lamer Buster" <lamerbuster@...il.com> To: "J. Oquendo" <sil@...iltrated.net> Cc: full-disclosure <full-disclosure@...ts.grok.org.uk>, Aditya K Sood <zeroknock@...niche.org> Subject: Re: [Mlabs] Scrutinising SIP Payloads - Someone break his e-kneecaps please JO: expect a mail after this from some fake gmail id with terrible Hinglish and extreamly kiddish slangs :D On 9/20/07, J. Oquendo <sil@...iltrated.net> wrote: > First of all you should credit ALL the individuals, companies and sites > you rip your information from else its called plagiarism > > On Page 12. Word for word you simply copied: > http://www.cisco.com/en/US/docs/voice_ip_comm/sip/proxies/2.0/release/notes/stnSolRn.html > > "Temper the contents and make it work according to attackers usage." > What the hell are you talking about... > > You stated "The Cisco proxy server does not accept calls after 150 cps" > I don't know what the hell you were using but Netra's can easily push in > upwards of CPS, IBM X's 1000 via udp, 200+ via tcp... > > On Page 19 you stated "Wiretapping Attacks: These are the generic class > of attacks which take place when modification of communication channel > is done by an attacker between two parties." ... Really? So when I'm > running VoIPong and "nothing" is getting modified yet I'm steady > recording a conversation what is this called. An unmodified wiretapping > attack. > > That paper was yet another waste of time for me to read. Instead of > copying and pasting to your hearts content and putting together > something that makes sense only to you, why don't you first try to > understand 1) what the hell you're talking about 2) what the hell you're > writing about 3) what the protocol truly does and then - what attacks > are possible based on something you truly know - as opposed to something > you may think sounds logical. > > Page 28: "It can be exploited by the attackers to have Denial of service > attacks. The mechanism starts from the payload designing. The actual > infection starts or is mainly coded in the payload itself by the > attackers." What kind of high potent hashish are you smoking? > > Outside of these ignorant assumptions you make based on what I infer as > an overall lack of knowledge on the subject, I could barely skim through > the rest of your document since it was mainly terrible english with huge > chunks of copied RFC material and ramblings that made zero sense. > Nothing worth noting - other than me repeating in my head "this jackass > should STFU and learn what he's talking about instead of making an idiot > out of himself" > > And I don't mean to sound harsh - well yea I do, but that's irrelevant. > What you're doing is flooding the industry with bullshit documents that > those without a clue might read and become even more clueless. Please > stop your ramblings. > > ==================================================== > J. Oquendo > "Excusatio non petita, accusatio manifesta" > > http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E > sil . infiltrated @ net http://www.infiltrated.net > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists