lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
From: Chris at get-tuf.com (Chris Brown)
Subject: Re: DOS all platforms


-----Original Message-----
From: Chris Brown
Sent: 21 January 2004 18:57
To: Lee
Subject: RE: [Full-Disclosure] DOS all platforms


POC has been sent to CERT but they have yet to release it.  I am not trying
to be clever but how does your Firewall connect to the Internet if not
through a router?  The thing to look at here is that this will not be a DOS
directed at "you/your company" but at the Internet in general, if this tool
can take out an entire class C block then you are screwed no matter what
firewall/router you are using.

-----Original Message-----
From: Lee
Sent: 21 January 2004 10:50
To: Chris Brown
Subject: Re: [Full-Disclosure] DOS all platforms


Chris my router wont be the first point of contact for people attaching to
my network, my firewall box is, I read the post and see that cert havent
answered in 50 days and could find a proof of concept, were you more
successful?

Regards
----- Original Message -----
From: "Chris Brown"
To: "Lee"
Sent: Thursday, January 22, 2004 2:38 AM
Subject: RE: [Full-Disclosure] DOS all platforms


> You can have whatever generation firewall you like, if your router (and
> everyone else's) is fragged you are going nowhere!!!  I suggest you read
the
> entire thread to understand just how serious this could be.
>
> -----Original Message-----
> From: Lee
> Sent: 21 January 2004 10:25
> To: Chris Brown
> Subject: Re: [Full-Disclosure] DOS all platforms
>
>
> Some words,
>
> Dynamic Filtering 4th Generation Stateful Firewall......
>
> Ability to control and block UDP packets..
> ----- Original Message -----
> From: "Chris Brown"
> To: <full-disclosure@...ts.netsys.com>
> Sent: Thursday, January 22, 2004 1:54 AM
> Subject: [Full-Disclosure] DOS all platforms
>
>
> > Has anyone been following the thread on NTCanuck ref a DOS vulnerability
> > they have discovered using UDP?  I have no further info than what is in
> this
> > thread:
> > http://ntcanuck.com/net/board/index.php?showtopic=175
> >
> > But if all that they say is true.........We could be busy!!
> >
> > Chris Brown
> > Senior Security Analyst
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
>
>
>
>
>
>






Powered by blists - more mailing lists