Re: Hmph

["Tucker Dummychuck" <dummychuck () gmail com>]

I'm not sure I see why we need a 3rd-party patch so urgently. The mitigation
described by MS works and is fairly painless, so presumably you'd start with
that if you are running DNS, and then wait for the patch from MS?

I agree that it was only a matter of time before hackers identified the flaw
- either using the info on the ISC diary page or from MS's advisory. Perhaps
saying that it was a stack BO made it a *little* easier to find, but that
would be the obvious thing to start looking for in the first place.

Tucker.


On 4/16/07, Dave Aitel <dave () immunityinc com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I'm off to class - today is niprint day! But I did have a comment on
> Ryan Naraine's latest article[1], which is this: Hackers don't need
> hints from Microsoft's advisories.
>
> Anyways, all those people with spare time need to step up with their
> third party patches! Time is of the essence people! Eventually these
> patches will be put out by the hacker groups themselves, to keep the
> milw0rm crowd from re-owning their boxes.
>
> - -dave
> [1] http://blogs.zdnet.com/security/?p=167
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
>
> iD8DBQFGJGPetehAhL0gheoRAt73AJ9SKXbtxwBRPtpXMUu+u9KxqrgIwACeNwyd
> c9s7HYOfdDXQjHgprm5dFPw=
> =SwE/
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Dailydave mailing list
> Dailydave () lists immunitysec com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave