lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 15 Aug 2007 10:38:31 +0200
From: Robert Scheck <>
To: SecurityFocus BugTraq <>
Cc: Thierry Zoller <>
Subject: Re: Remote Denial of Service for SSH service at Dell DRAC4
	(maybeMocana SSH)

Hello Thierry,

On Mon, 13 Aug 2007, Thierry Zoller wrote:
> Have you tried to pin down the actualy requests that bring the service
> down ? As the nmap service probes are easy to read _ Have you tried
> reproducing the behaviour by sending the requests listed in the nmap
> service probe file ?

thanks for your suggestion. No, I didn't try this, because the servers
containing the DRAC4 cards are in productive use and I don't want to
enlarge downtimes. As in the advisory already described, the vendor seems
to be able to reproduce the issue.

I'm sorry, but for the moment I'm unable to do so anyway, because of the
new paragraph/law of combat of computer crime rate here in Germany. First
I would have to contact a lawyer to make sure, that these actions aren't
criminal at all.

With kind regards

Robert Scheck

Robert Scheck
Web:         E-Mail:
ETES GmbH  Libanonstrasse 58 A  D-70184 Stuttgart
Fon: +49 (7 11) 48 90 83 - 12   Fax: +49 (7 11) 48 90 83 - 50

Registergericht: Amtsgericht Stuttgart HRB 721182
Geschäftsführende Gesellschafter: Markus Espenhain und Jan Theofel
Sitz der Gesellschaft: Stuttgart
USt.-Id.Nr.: DE814767446

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists