Penetration Testing mailing list archives

Re: [PEN-TEST] Hypothetical Wargaming

From: Bennett Todd <bet () RAHUL NET>
Date: Wed, 11 Oct 2000 11:43:52 -0400

2000-10-11-10:33:36 Etaoin Shrdlu:

H Carvey wrote:

Your goal is to "tag" a file.  No DoS allowed.


I always assume that a DoS is cheating. Besides, any
machine/network can be dossed -- proves nothing about the security
of the site.


I'm pretty sure I really agree with you folks on this point, but
just in the spirit of clarifying, we are I trust talking about
purely remote traffic volume DoS-ing, right? You don't mean to
exclude checking for holes that allow a remote user to easily crash
the server, also a DoS, but very definitely a security hole. Using a
DDoS or a handful of big smurf amps or whatever to mow down the
internet link is, I would agree, cheating (although the ease or
difficulty of doing that, i.e. the quality of internet connectivity
the site has provisioned, should be appropriate to their needs), but
there are other sorts of DoS that do deserve checking for.

-Bennett

Attachment: _bin
Description:

Current thread:

[PEN-TEST] Hypothetical Wargaming H Carvey (Oct 07)
- Re: [PEN-TEST] Hypothetical Wargaming Mark Teicher (Oct 09)
- Re: [PEN-TEST] Hypothetical Wargaming Etaoin Shrdlu (Oct 11)
  - Re: [PEN-TEST] Hypothetical Wargaming Bennett Todd (Oct 11)
  - Re: [PEN-TEST] Hypothetical Wargaming van der Kooij, Hugo (Oct 12)
- <Possible follow-ups>
- Re: [PEN-TEST] Hypothetical Wargaming Dunker, Noah (Oct 09)
  - Re: [PEN-TEST] Hypothetical Wargaming Deus, Attonbitus (Oct 10)
- Re: [PEN-TEST] Hypothetical Wargaming Danny DS Stieler (Oct 09)
- Re: [PEN-TEST] Hypothetical Wargaming H Carvey (Oct 11)
  - Re: [PEN-TEST] Hypothetical Wargaming Deus, Attonbitus (Oct 11)