Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: lots of connections to 64.40.117.19 port 80
From: "Joey Mengele" <joey.mengele () hushmail com>
Date: Fri, 18 Apr 2008 11:22:43 -0400

News,

On Fri, 18 Apr 2008 11:11:53 -0400 news () dmcdonald net wrote:
Eh? The closest thing I can think of to what you're saying is if 
the cause
of a DDOS was stored XSS on a popular site(s) being used get users
browsers to request information from 64.40.117.19. The XSS would 
be done
else where, and the DDOS attack itself would contain no 'payload'.


That is exactly what I am saying, thank you for clarifying for the 
others. Sometimes I am not as articulate as I would like to be.

In which case filtering user input on his side isnt going to 
anything.


Actually, it is going to anything, if done properly.

Plus, you still have no reason for calling this a textbool case of 
XSS, or
anything else for that matter. Without seeing the tcpdump, all we 
can do
is reel of a list of things in might be.


Your logic is not correct here. Please rethink this statement.

Best,

Renski


Same,

J

--
Amazing cruises.  Click here to find great deals.
http://tagline.hushmail.com/fc/Ioyw6h4eRWxit9KgITEla3eJ1ahgSImEFgk0W8lYc76qHVagchTYCE/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault