| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 Aug 2007 10:38:31 +0200
From: Robert Scheck <scheck@...s.de>
To: SecurityFocus BugTraq <bugtraq@...urityfocus.com>
Cc: Thierry Zoller <thierry@...ler.lu>
Subject: Re: Remote Denial of Service for SSH service at Dell DRAC4
(maybeMocana SSH)
Hello Thierry,
On Mon, 13 Aug 2007, Thierry Zoller wrote:
> Have you tried to pin down the actualy requests that bring the service
> down ? As the nmap service probes are easy to read _ Have you tried
> reproducing the behaviour by sending the requests listed in the nmap
> service probe file ?
thanks for your suggestion. No, I didn't try this, because the servers
containing the DRAC4 cards are in productive use and I don't want to
enlarge downtimes. As in the advisory already described, the vendor seems
to be able to reproduce the issue.
I'm sorry, but for the moment I'm unable to do so anyway, because of the
new paragraph/law of combat of computer crime rate here in Germany. First
I would have to contact a lawyer to make sure, that these actions aren't
criminal at all.
With kind regards
Robert Scheck
--
Robert Scheck
Web: http://www.etes.de E-Mail: scheck@...s.de
ETES GmbH Libanonstrasse 58 A D-70184 Stuttgart
Fon: +49 (7 11) 48 90 83 - 12 Fax: +49 (7 11) 48 90 83 - 50
Registergericht: Amtsgericht Stuttgart HRB 721182
Geschäftsführende Gesellschafter: Markus Espenhain und Jan Theofel
Sitz der Gesellschaft: Stuttgart
USt.-Id.Nr.: DE814767446
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists