Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Full Disclosure: Re: Re: CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass

Re: Re: CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass

From: Shawn McMahon <smcmahon_at_eiv.com>
Date: Wed, 4 Jun 2003 12:34:43 -0400

On Mon, Jun 02, 2003 at 03:36:52PM -0500, Brent J. Nordquist said:
>
> LOL, oops. Someone pointed out to me a while back that RFC 2606 reserves
> "example.com" "example.org" and "example.net" for this kind of purpose.

Even barring such considerations as DNS poisoning, wags at ICANN setting
up SMTP servers, etc., it still doesn't strike me as optimal to have
thousands of machines attempting constant SMTP connections to
192.0.34.166 just because an RFC mentioned it was possible. 

-- 
Shawn McMahon     | Let every nation know, whether it wishes us well or ill,
EIV Consulting    | that we shall pay any price, bear any burden, meet any
UNIX and Linux	  | hardship, support any friend, oppose any foe, to assure
http://www.eiv.com| the survival and the success of liberty. - JFK

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  • application/pgp-signature attachment: stored
Received on Jun 04 2003
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos