Penetration Testing mailing list archives
Re: rose fragmentation attack
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Fri, 6 Jul 2007 16:36:43 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 27 Jun 2007, Jay wrote: [SNIP]
Its better they know they are susceptable to DoS in a penetration test vs. when their site is offline for hours/days when a botnet comes a knocking.
I don't know, I take that statement as kinda a DUH! There are few if any sites that are not susceptable to DoS. And there are few if any sites that have a real, full, replicated mirror of their network in place to do an exact test of their production setup.
Thanks, Ron DuFresne- -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com http://sysinfo.com Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629 ...We waste time looking for the perfect lover instead of creating the perfect love. -Tom Robbins <Still Life With Woodpecker> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFGjqfest+vzJSwZikRAjbXAJ9eXVgl2upIkPjeKQymXOWbOPwUSACg0YhE CdXfur2SOGpe32rIdHpVvSw= =KCnF -----END PGP SIGNATURE----- ------------------------------------------------------------------------ This List Sponsored by: Cenzic Swap Out your SPI or Watchfire app sec solution for Cenzic's robust, accurate risk assessment and management solution FREE - limited Time Offer http://www.cenzic.com/wf-spi ------------------------------------------------------------------------
Current thread:
- Re: rose fragmentation attack R. DuFresne (Jul 06)
- <Possible follow-ups>
- Re: rose fragmentation attack Jay (Jul 09)
- Re: rose fragmentation attack R. DuFresne (Jul 10)