|
Penetration Testing
mailing list archives
Re: [PEN-TEST] Hypothetical Wargaming
From: Bennett Todd <bet () RAHUL NET>
Date: Wed, 11 Oct 2000 11:43:52 -0400
2000-10-11-10:33:36 Etaoin Shrdlu:
H Carvey wrote:
Your goal is to "tag" a file. No DoS allowed.
I always assume that a DoS is cheating. Besides, any
machine/network can be dossed -- proves nothing about the security
of the site.
I'm pretty sure I really agree with you folks on this point, but
just in the spirit of clarifying, we are I trust talking about
purely remote traffic volume DoS-ing, right? You don't mean to
exclude checking for holes that allow a remote user to easily crash
the server, also a DoS, but very definitely a security hole. Using a
DDoS or a handful of big smurf amps or whatever to mow down the
internet link is, I would agree, cheating (although the ease or
difficulty of doing that, i.e. the quality of internet connectivity
the site has provisioned, should be appropriate to their needs), but
there are other sorts of DoS that do deserve checking for.
-Bennett
Attachment:
_bin
Description:
 By Date 
By Thread
Current thread:
|
Intro
