Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: lots of connections to 64.40.117.19 port 80
From: Valdis.Kletnieks () vt edu
Date: Fri, 18 Apr 2008 11:11:41 -0400

On Fri, 18 Apr 2008 11:01:26 EDT, Joey Mengele said:
I believe you are missing something. XSS is merely a type of 
vulnerability. It is very common for an XSS payload to include a 
DDoS component. If you had done your research before retorting you 
would have known this.

Yes, but although we have evidence that a DDoS of some sort is underway,
we have *ZERO*, *ZIP*, *ZILTCH*, *GOOSE-EGG* indication that an XSS was
involved.  For all you know, it was an iframe injection into clients that
visited a compromised webserver that downloaded the DDoS tool.

Sounds more like a "textbook case of calling it an XSS because when you only
have a hammer everything looks like a nail".

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]