lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20031209145040.32614.qmail@sf-www2-symnsj.securityfocus.com>
Date: 9 Dec 2003 14:50:40 -0000
From: <tonyl@....ltd.uk>
To: bugtraq@...urityfocus.com
Subject: Is this the first case of a Distributed Denial of Physical Service?




Hi,

Please see:

http://www.theregister.co.uk/content/6/34388.html
http://www.cambs.police.uk/camops/press_releases/press_releases.asp?ID=1992

It appears that an individual has successfully socially engineered a distributed denial of physical service (DDoPS?).

A (hoax) email had been sent out to individuals informing them of their latest purchase and that their credit card had been charged accordingly.

As the individuals had not ordered iPods at £399.95, they were socially engineered into calling the customer service line given in the email.

This telephone number happened to be for the UK's Cambridgeshire Constabulary (police) Main Switchboard.

At the peak of this DDoPS, the switchboard was receiving 500 calls an hour, effectively denying the usual use of this telephone service.

It appears that a whole range of "systems" and processes may be vulnerable to this type of attack and raises some interesting points to consider...

Kind regards,

Tony Langley
Systems Architect
S2S Limited


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ