lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3F3CD92C.24289.1E3CA9@localhost>
From: cta at hcsin.net (Bernie, CTA)
Subject: msblast is starting now

Now I don't think that was such a smart move. 

It wouldn't take much to setup a bunch of bogus DNS servers to 
answer as "windowsupdate.com" with a pointer to a new A record, 
or better yet, round-robin to an infinite number of FQDN, or IP 
addresses.  In fact, a new variant placed on compromised system 
could help (direct) windows TCP/IP to find and use these bogus 
NS, giving almost endless control of the target address.

Hey, great pre-school project for the script kiddies!


On 15 Aug 2003 at 12:05, Jonathan Rickman wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> On Friday 15 August 2003 07:03, B3r3n wrote:
> > msblast start now on far eastern countries. We have a site in
> > Auckland and so I'll know soon if our DNS to localhost
> > protection is valuable.
> 
> It is irrelevant now. MS has removed the DNS entries for
> windowsupdate.com.
> 
-
****************************************************
Bernie 
Chief Technology Architect
Chief Security Officer
cta@...in.net
Euclidean Systems, Inc.
*******************************************************
// "There is no expedient to which a man will not go 
//    to avoid the pure labor of honest thinking."   
//     Honest thought, the real business capital.    
//      Observe> Think> Plan> Think> Do> Think>      
*******************************************************



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ