RE: Attacks on GRC.com

From: Dave Salovesh (salovesh@ramassociates.com)
Date: 02/28/02

Previous message: Greg Williamson: "Re: "Nimda"?"
Maybe in reply to: HarryM: "RE: Attacks on GRC.com"
Next in thread: Shwaine: "RE: Attacks on GRC.com"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Dave Salovesh <salovesh@ramassociates.com>
To: 'HarryM' <harrym@the-group.org>, incidents@securityfocus.org
Date: Thu, 28 Feb 2002 16:48:33 -0500

Harry,

The attack Gibson describes uses two or three long-known methods. I don't
know if this particular mix deserves a name of its own, but I certainly
haven't heard one.

Here's much more of a poke at Gibson, but it's also a pretty good rebuttal
(of the Gibson's GENESIS solution, at least) from Thomas C. Greene:

http://www.theregister.co.uk/content/55/24189.html

-- 
Dave Salovesh
RAM Associates, Inc.
(800) 543-3635
> -----Original Message-----
> From: HarryM [mailto:harrym@the-group.org]
> Sent: Thursday, February 28, 2002 5:46 AM
> To: incidents@securityfocus.org
> Subject: RE: Attacks on GRC.com
> 
> 
> To the moderator:
>     I'm not sure if this is on-topic for incidents since it's 
> kind've a poke
> at steve gibson as well as a question :)
>     Would you mind sending this to the appropriate list if 
> incidents is the
> wrong one? I'm on incidents, bugtraq, vuln-dev and webappsec.
>     Thanks.
> 
> RE Gibson's 'report' here: http://grc.com/dos/drdos.htm
> 
> I know i heard about this type of attack quite soem time ago, 
> although i
> don't remember it being given a name. Gibson has dubbed this 
> a 'Distributed
> Reflection Denial of Service' attack in his typical 
> 'media-darling' style.
> Has the *real* security community given this type of attack a 
> name? If so,
> what? And is there any defence, possibly automated, that 
> server admins can
> implement against innocent servers being abused in this way 
> by crackers? Are
> there any IDSs that can detect this type of activity?
> 
> I'm new to security in general so forgive me if any of those 
> questions are
> dumb!
> 
> Harry
> 
> 
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management 
> and tracking system please see: http://aris.securityfocus.com
> 
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Previous message: Greg Williamson: "Re: "Nimda"?"
Maybe in reply to: HarryM: "RE: Attacks on GRC.com"
Next in thread: Shwaine: "RE: Attacks on GRC.com"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]