lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <24dc08970709201037x26bc9bc2j39b260796e0b8d94@mail.gmail.com>
Date: Thu, 20 Sep 2007 23:07:34 +0530
From: "Lamer Buster" <lamerbuster@...il.com>
To: "J. Oquendo" <sil@...iltrated.net>
Cc: full-disclosure <full-disclosure@...ts.grok.org.uk>,
	Aditya K Sood <zeroknock@...niche.org>
Subject: Re: [Mlabs] Scrutinising SIP Payloads - Someone
	break his e-kneecaps please

JO: expect a mail after this from some  fake gmail id with terrible
Hinglish and extreamly kiddish slangs :D



On 9/20/07, J. Oquendo <sil@...iltrated.net> wrote:
> First of all you should credit ALL the individuals, companies and sites
> you rip your information from else its called plagiarism
>
> On Page 12. Word for word you simply copied:
> http://www.cisco.com/en/US/docs/voice_ip_comm/sip/proxies/2.0/release/notes/stnSolRn.html
>
> "Temper the contents and make it work according to attackers usage."
> What the hell are you talking about...
>
> You stated "The Cisco proxy server does not accept calls after 150 cps"
> I don't know what the hell you were using but Netra's can easily push in
> upwards of CPS, IBM X's 1000 via udp, 200+ via tcp...
>
> On Page 19 you stated "Wiretapping Attacks: These are the generic class
> of attacks which take place when modification of communication channel
> is done by an attacker between two parties." ... Really? So when I'm
> running VoIPong and "nothing" is getting modified yet I'm steady
> recording a conversation what is this called. An unmodified wiretapping
> attack.
>
> That paper was yet another waste of time for me to read. Instead of
> copying and pasting to your hearts content and putting together
> something that makes sense only to you, why don't you first try to
> understand 1) what the hell you're talking about 2) what the hell you're
> writing about 3) what the protocol truly does and then - what attacks
> are possible based on something you truly know - as opposed to something
> you may think sounds logical.
>
> Page 28: "It can be exploited by the attackers to have Denial of service
> attacks. The mechanism starts from the payload designing. The actual
> infection starts or is mainly coded in the payload itself by the
> attackers." What kind of high potent hashish are you smoking?
>
> Outside of these ignorant assumptions you make based on what I infer as
> an overall lack of knowledge on the subject, I could barely skim through
> the rest of your document since it was mainly terrible english with huge
> chunks of copied RFC material and ramblings that made zero sense.
> Nothing worth noting - other than me repeating in my head "this jackass
> should STFU and learn what he's talking about instead of making an idiot
> out of himself"
>
> And I don't mean to sound harsh - well yea I do, but that's irrelevant.
> What you're doing is flooding the industry with bullshit documents that
> those without a clue might read and become even more clueless. Please
> stop your ramblings.
>
> ====================================================
> J. Oquendo
> "Excusatio non petita, accusatio manifesta"
>
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF684C42E
> sil . infiltrated @ net http://www.infiltrated.net
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ