lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 21 Aug 2007 15:18:22 -0400
From: "Jay" <jay.tomas@...osecguru.com>
To: <rdobbins@...co.com>, <bugtraq@...urityfocus.com>
Subject: Re: Skype Network Remote DoS Exploit

Am I missing something or if it was a concentrated DOS by bots or mischievous cretins, wouldnt we have network evidence like we see in another DOS situations. If the traffic was examined wouldnt we see different findings e.g. malicious calls vs. regular login traffic causing Skype's internal algorithms to choke?

Jay

----- Original Message -----
From: Roland Dobbins [mailto:rdobbins@...co.com]
To: bugtraq@...urityfocus.com
Sent: Tue, 21 Aug 2007 10:44:34 -0700
Subject: Re: Skype Network Remote DoS Exploit


On Aug 20, 2007, at 6:52 PM, Valery Marchuk wrote:

>  someone made a mistake in the code

I've no insight at all into this issue beyond what's been publicly  
disseminated, but it's important to note that the Skype folks  
explicitly stated that there was some sort of flaw in their P2P  
communications mechanisms which led to the outage, FWIW.

AFAIK, Sype didn't blame Microsoft - they blamed a code flaw on their  
part and stated that the coincidence of lots of reboots associated  
with the most recent Microsoft updates exposed the Skype code flaw  
(again, I've no insight into this matter beyond what Skype have  
publicly stated).

-----------------------------------------------------------------------
Roland Dobbins <rdobbins@...co.com> // 408.527.6376 voice

	   I don't sound like nobody.

                -- Elvis Presley


Powered by blists - more mailing lists