Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

dailydave logo Dailydave mailing list archives

Re: Paul Vixie's response...
From: "Thomas Ptacek" <tqbf () matasano com>
Date: Sun, 13 Jul 2008 19:13:28 -0500
 i've got others (dan kaminsky, david dagon, florian weimer, CMU CERT, jinmei
 tatuya, john kristoff, ben laurie, bert hubert, sean leach) to vouch for me
 not being owned, at least regarding CERT VU# 800113.  i guess there's a way


What's awesome about this is that Vixie thinks that not being
vulnerable to cache poisoning means he's not owned.


 | > 3. Map this list of TXIDs into an internal RNG state using a rainbow
 | > table. This lets you predict the next set of TXID's with just a hash
 | > lookup.
 | > 4. Make a request for mail.google.com and send your spoofed packets to
 | > infect the cache.
 that is so cool!  thanks for all your great work.


What's awesome about this is that Vixie is making fun of you.

-- 
---
Thomas H. Ptacek // matasano security
read us on the web: http://www.matasano.com/log
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]