Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

RE: A question for the list...

From: "Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>
Date: Sun, 25 May 2003 12:34:05 +1200
Just my two cents on this topic ...

Although I agree that counter attack _can_ be effective, I don't think it's
very feasible.

Take SQLSlammer for example. It's whole payload is one UDP packet 376 bytes
big. Did you see that? UDP? Spoofing packets? Hell yes. Now, how do you know
who is the real source of that packet. There is no way to know it.
Now, of course, you can say that SQLSlammer doesn't spoof source packet IP
address, but who says that won't happen in the future.

So we have 2 grey areas of counter attacks: first is the legality of it and
second is actual feasibility. I don't think this can hold water ...

Best regards,

Bojan Zdrnja



----------------------------------------------------------------------------
*** Wireless LAN Policies for Security & Management - NEW White Paper ***
Just like wired networks, wireless LANs require network security policies
that are enforced to protect WLANs from known vulnerabilities and threats.
Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.

To get your FREE white paper visit us at:
http://www.securityfocus.com/AirDefense-incidents
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: