Re: MSRPC vulnerability 1 billion and six?

[Thomas Lakofski <thomas () 88 net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

halvar () gmx de wrote:
> Hey all,
>
> > I really want to inject Ethereal into every process as a network shim,
> > and have it throw away any packets it doesn't know how to parse. I
> > think that'd be a neat tool for stopping this sort of thing. 
>
>
> Just what we need: In order to deal with faulty parsers, throw more
> parsers into the address space. Way to go ! :-)

well, at least it'd be a parser you could control.  i spent lots of time about
five years ago defending garbage that was written for internal use only, when
they decided that they really wanted it on the Internet.  it was much easier to
inline a (simple) new parser written to the data spec the application logic was
expecting, than to convince the application developers to fix their junk... as
far as they were concerned it was someone else's problem.

but yes, it is horribly unaesthetic; sometimes the most pragmatic path is also
the ugliest.

- --
Thomas Lakofski +44 70 9228 8229
'Reality is that which, when you stop believing in it, doesn't go away' --PKD
gpg: 1024D/81FD4B43  2B72 53DB 8104 2041 BDB4  F053 4AE5 01DF 81FD 4B43
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDgEpaSuUB34H9S0MRAqG3AJ9h35HqUYR28lGQ8hC239TzBgkp4QCeKOfJ
rkYruUeUpo96zGK++rPc4Q4=
=s1r9
-----END PGP SIGNATURE-----