Dailydave mailing list archives
Re: MSRPC vulnerability 1 billion and six?
From: Thomas Lakofski <thomas () 88 net>
Date: Sun, 20 Nov 2005 10:05:14 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 halvar () gmx de wrote:
Hey all,I really want to inject Ethereal into every process as a network shim, and have it throw away any packets it doesn't know how to parse. I think that'd be a neat tool for stopping this sort of thing.Just what we need: In order to deal with faulty parsers, throw more parsers into the address space. Way to go ! :-)
well, at least it'd be a parser you could control. i spent lots of time about five years ago defending garbage that was written for internal use only, when they decided that they really wanted it on the Internet. it was much easier to inline a (simple) new parser written to the data spec the application logic was expecting, than to convince the application developers to fix their junk... as far as they were concerned it was someone else's problem. but yes, it is horribly unaesthetic; sometimes the most pragmatic path is also the ugliest. - -- Thomas Lakofski +44 70 9228 8229 'Reality is that which, when you stop believing in it, doesn't go away' --PKD gpg: 1024D/81FD4B43 2B72 53DB 8104 2041 BDB4 F053 4AE5 01DF 81FD 4B43 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDgEpaSuUB34H9S0MRAqG3AJ9h35HqUYR28lGQ8hC239TzBgkp4QCeKOfJ rkYruUeUpo96zGK++rPc4Q4= =s1r9 -----END PGP SIGNATURE-----
Current thread:
- Re: MSRPC vulnerability 1 billion and six?, (continued)
- Re: MSRPC vulnerability 1 billion and six? Nicolas RUFF (Nov 17)
- Re: MSRPC vulnerability 1 billion and six? Dave Aitel (Nov 17)
- Re: MSRPC vulnerability 1 billion and six? Alexander Sotirov (Nov 17)
- Re: MSRPC vulnerability 1 billion and six? H D Moore (Nov 17)
- Re: MSRPC vulnerability 1 billion and six? Dave Aitel (Nov 17)
- Re: MSRPC vulnerability 1 billion and six? Dave Aitel (Nov 17)
- Re: MSRPC vulnerability 1 billion and six? Nicolas RUFF (Nov 17)
- Re: MSRPC vulnerability 1 billion and six? Dave Aitel (Nov 17)
- Re: MSRPC vulnerability 1 billion and six? Dave Aitel (Nov 17)
- Re: MSRPC vulnerability 1 billion and six? Thomas Lakofski (Nov 20)
- Re: MSRPC vulnerability 1 billion and six? H D Moore (Nov 17)
- Re: MSRPC vulnerability 1 billion and six? Dave Aitel (Nov 17)