Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Full Disclosure: Re: lots of connections to 64.40.117.19 port 80

Re: lots of connections to 64.40.117.19 port 80

From: Joey Mengele <joey.mengele_at_hushmail.com>
Date: Fri, 18 Apr 2008 11:22:43 -0400

News,

On Fri, 18 Apr 2008 11:11:53 -0400 news_at_dmcdonald.net wrote:
>Eh? The closest thing I can think of to what you're saying is if
>the cause
>of a DDOS was stored XSS on a popular site(s) being used get users
>browsers to request information from 64.40.117.19. The XSS would
>be done
>else where, and the DDOS attack itself would contain no 'payload'.
>

That is exactly what I am saying, thank you for clarifying for the
others. Sometimes I am not as articulate as I would like to be.

>In which case filtering user input on his side isnt going to
>anything.
>

Actually, it is going to anything, if done properly.

>Plus, you still have no reason for calling this a textbool case of
>XSS, or
>anything else for that matter. Without seeing the tcpdump, all we
>can do
>is reel of a list of things in might be.
>

Your logic is not correct here. Please rethink this statement.

>Best,
>
>Renski
>

Same,

J 

--
Amazing cruises.  Click here to find great deals.
http://tagline.hushmail.com/fc/Ioyw6h4eRWxit9KgITEla3eJ1ahgSImEFgk0W8lYc76qHVagchTYCE/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Received on Apr 18 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos