mailing list archives
Re: shell:windows command question
From: Xavier Beaudouin <kiwi () oav net>
Date: Thu, 8 Jul 2004 11:15:52 +0200
This is not a real security matter
Denial of Service causing the user to reset his system is not a
I don't think that Denial of Service causing local user to reset his
system because of local application locks the whole system... is not a
security problem, but OS + Security problem...
If the M$ Operating System cannot deal with an application that
locks... then the problem not only on application but also the whole
But this DoS is a bit less big than a remote DoS... that can compromise
lots of OS...
BTW I really think that M$ is unresponsible with XP SP1 / SP2 about the
fact the OS cannot be upgraded and fix the numerous holes that such OS
gets all the time.
I am ok with the fact that people *should* buy the OS they use
(especialy if it is a commerial OS), but M$ should take the
responsability of all DDoS that is comming from his broken operating
system that cannot be secured.
This is really a problem for lots of ISP that have "end users" target
and that gets lots of infected system online on xDSL...
Even if M$ will make a patch for <any> hole, it will not be available
nor automatically patched on all "copied" system...
Really we should make that on all our firewall, until MS takes his
block in proto tcp from any os Doors
block in proto tcp from any os "Doors PT"
block in proto tcp from any os "Doors PT SP3"
Replace "Doors" by what you know...
Xavier Beaudouin - Unix System Administrator & Projects Leader.
President of Kazar Organization : http://www.kazar.net/
Please visit http://caudium.net/, home of Caudium & Camas projects
Full-Disclosure - We believe in it.