lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CDEHICADNGDHIPLNMLBFGEHECCAA.Chris@get-tuf.com> From: Chris at get-tuf.com (Chris Brown) Subject: Re: DOS all platforms -----Original Message----- From: Chris Brown Sent: 21 January 2004 18:57 To: Lee Subject: RE: [Full-Disclosure] DOS all platforms POC has been sent to CERT but they have yet to release it. I am not trying to be clever but how does your Firewall connect to the Internet if not through a router? The thing to look at here is that this will not be a DOS directed at "you/your company" but at the Internet in general, if this tool can take out an entire class C block then you are screwed no matter what firewall/router you are using. -----Original Message----- From: Lee Sent: 21 January 2004 10:50 To: Chris Brown Subject: Re: [Full-Disclosure] DOS all platforms Chris my router wont be the first point of contact for people attaching to my network, my firewall box is, I read the post and see that cert havent answered in 50 days and could find a proof of concept, were you more successful? Regards ----- Original Message ----- From: "Chris Brown" To: "Lee" Sent: Thursday, January 22, 2004 2:38 AM Subject: RE: [Full-Disclosure] DOS all platforms > You can have whatever generation firewall you like, if your router (and > everyone else's) is fragged you are going nowhere!!! I suggest you read the > entire thread to understand just how serious this could be. > > -----Original Message----- > From: Lee > Sent: 21 January 2004 10:25 > To: Chris Brown > Subject: Re: [Full-Disclosure] DOS all platforms > > > Some words, > > Dynamic Filtering 4th Generation Stateful Firewall...... > > Ability to control and block UDP packets.. > ----- Original Message ----- > From: "Chris Brown" > To: <full-disclosure@...ts.netsys.com> > Sent: Thursday, January 22, 2004 1:54 AM > Subject: [Full-Disclosure] DOS all platforms > > > > Has anyone been following the thread on NTCanuck ref a DOS vulnerability > > they have discovered using UDP? I have no further info than what is in > this > > thread: > > http://ntcanuck.com/net/board/index.php?showtopic=175 > > > > But if all that they say is true.........We could be busy!! > > > > Chris Brown > > Senior Security Analyst > > > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.netsys.com/full-disclosure-charter.html > > > > > > > >
Powered by blists - more mailing lists