Full Disclosure mailing list archives
Re: Should nmap cause a DoS on cisco routers?
From: Dan Kaminsky <dan () doxpara com>
Date: Fri, 2 Jul 2010 20:07:32 +0200
DR> And many of them could be mitigated via BCPs until such time as DR> fixed code could be deployed, as well. There it is again, BCP. Is this the new "IDS" ?
Best Practices are what forms when Ops guys are given broken systems and told to make them work. This isn't meant in a derogatory way. Do you like things working? I sure do. If it takes rules like "don't run trivial networking scanners on the VoIP network" to keep the phones running, well, guess what. There is a problem that this masks issues. Attacker's aren't exactly known for saying, "I'd own your network, but that would violate best practices, so I won't." VoIP code (speaking from fairly direct experience) is aggressively fragile, partially since it comes from a background where the presumption was that all traffic was trusted, and partially because the specs are so hideously turgid. In the short run, best practices are the only way to keep this stuff stable. In the long run...what's that? Just gotta get to the next quarter...
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Should nmap cause a DoS on cisco routers?, (continued)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Lee (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? Dan Kaminsky (Jul 01)
- Re: Should nmap cause a DoS on cisco routers? AMILABS (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Thierry Zoller (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Thierry Zoller (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Dan Kaminsky (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Mailing lists at Core Security Technologies (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Fyodor (Jul 06)
- Re: Should nmap cause a DoS on cisco routers? coderman (Jul 07)
- Re: Should nmap cause a DoS on cisco routers? Benji (Jul 08)
- Message not available
- Re: Should nmap cause a DoS on cisco routers? coderman (Jul 08)
- Re: Should nmap cause a DoS on cisco routers? Florian Weimer (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Dobbins, Roland (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Thierry Zoller (Jul 02)
- Re: Should nmap cause a DoS on cisco routers? Champ Clark III [Softwink] (Jul 02)