mailing list archives
Re: lots of connections to 18.104.22.168 port 80
From: Valdis.Kletnieks () vt edu
Date: Fri, 18 Apr 2008 11:11:41 -0400
On Fri, 18 Apr 2008 11:01:26 EDT, Joey Mengele said:
I believe you are missing something. XSS is merely a type of
vulnerability. It is very common for an XSS payload to include a
DDoS component. If you had done your research before retorting you
would have known this.
Yes, but although we have evidence that a DDoS of some sort is underway,
we have *ZERO*, *ZIP*, *ZILTCH*, *GOOSE-EGG* indication that an XSS was
involved. For all you know, it was an iframe injection into clients that
visited a compromised webserver that downloaded the DDoS tool.
Sounds more like a "textbook case of calling it an XSS because when you only
have a hammer everything looks like a nail".
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/