Re: [Full-Disclosure] Akamai

tcleary2_at_csc.com.au
Date: 06/16/04

  • Next message: Feher Tamas: "[Full-Disclosure] Akamai DoS - insider job?"
    To: full-disclosure@lists.netsys.com
    Date: Wed, 16 Jun 2004 12:55:23 +0800
    
    

    Darren Reed said:

    >What's interesting is that in contrast to old-school protection
    >rackets, there appears to be no offering of protection from attack
    >by others.

    IIRC the main purpose of DoS attacks ( apart from kiddie fights )
    is to allow a trust exploit/MITM to succeed - e.g. session hijacking.

    Maybe someone wanted to plant something by pretending to be the
    WindowsUpdate site?

    If you're akamamai'd, poisoning DNS would be harder, but changing
    IP address wouldn't seem unusual, would it?

    Regards,

    tom.

    ----------------------------------------------------------------------------------------
    Tom Cleary - Security Architect

    "In IT, acceptable solutions depend upon humans - Computers don't
    negotiate."
    ----------------------------------------------------------------------------------------
    This is a PRIVATE message. If you are not the intended recipient, please
    delete without copying and kindly advise us by e-mail of the mistake in
    delivery. NOTE: Regardless of content, this e-mail shall not operate to
    bind CSC to any order or other contract unless pursuant to explicit
    written agreement or government initiative expressly permitting the use of
    e-mail for such purpose.
    ----------------------------------------------------------------------------------------

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Feher Tamas: "[Full-Disclosure] Akamai DoS - insider job?"

    Relevant Pages