[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20110520152523.3562B282418@mail.localdomain>
Date: Fri, 20 May 2011 17:25:14 +0200
From: ascii <ascii@...amail.com>
To: minor.float@...il.com, Full-Disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: New DDoS attack vector
Dear minor,
On 05/20/2011 04:06 PM, minor float wrote:
> please note, that the variable 3rd level bypasses the caching.
Right. I forgot that in my reply, sorry.
> imho it's hell about time to do finally something with the point that
> somebody at the icann accepts the fact to have a profit from the spam
> domain registration and other such things. you can blame me that i am
> lame (and this is to all who want to tell that the attack is lame),
> but instead of bitching on me, try to think seriously about
> possibilities how to avoid this and other shit that is going on every
> day. thanks god for all the ppl i've been in touch, we already
> discussed some other workarounds. if you want to contribute, you're
> welcome.
Then just sent an email to FD with a message body of "Hey guys try to
think seriously about possibilities how to avoid this and other shit
that is going on every day.". Not that it wouldn't sound as whining.
Instead you mixed stuff to justify a self-sustained argument.
The point is that the self-sustained argument was already well known
and countless people had worked on it for decades. The SPAM problem is
not new and rendering domain registration a "certified" (omg) process is
both unrealistic and probably not going to fix the root problem at all.
My feeling is that your research would have needed more time and clarity
in order to highlight it's usefulness:
- How it's a useful and novel technique;
- How it can be called efficient (it's not efficient);
- How it protect bots anonymity (it doesn't);
- How it's better than simply sending UDP packets, spoofed or not.
Else for me it's just hype (I mean, read the Subject of the thread:
"New DDoS attack vector"). A deja vu of a Cervantes novel.
I understand your point and disagree, do you understand mine while still
disagreeing?
Cordially,
Francesco `ascii` Ongaro
http://www.ush.it/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists