RE: A question for the list...
From: Bojan Zdrnja (Bojan.Zdrnja_at_LSS.hr)
Date: 05/25/03
- Previous message: terry white: "is this new ..."
- In reply to: Ray Stirbei: "Re: A question for the list..."
- Next in thread: Luc Pardon: "RE: A question for the list..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <incidents@securityfocus.com> Date: Sun, 25 May 2003 12:34:05 +1200
Just my two cents on this topic ...
Although I agree that counter attack _can_ be effective, I don't think it's
very feasible.
Take SQLSlammer for example. It's whole payload is one UDP packet 376 bytes
big. Did you see that? UDP? Spoofing packets? Hell yes. Now, how do you know
who is the real source of that packet. There is no way to know it.
Now, of course, you can say that SQLSlammer doesn't spoof source packet IP
address, but who says that won't happen in the future.
So we have 2 grey areas of counter attacks: first is the legality of it and
second is actual feasibility. I don't think this can hold water ...
Best regards,
Bojan Zdrnja
----------------------------------------------------------------------------
*** Wireless LAN Policies for Security & Management - NEW White Paper ***
Just like wired networks, wireless LANs require network security policies
that are enforced to protect WLANs from known vulnerabilities and threats.
Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.
To get your FREE white paper visit us at:
http://www.securityfocus.com/AirDefense-incidents
----------------------------------------------------------------------------
- Previous message: terry white: "is this new ..."
- In reply to: Ray Stirbei: "Re: A question for the list..."
- Next in thread: Luc Pardon: "RE: A question for the list..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
