Full Disclosure mailing list archives
Re: Blocking Music Sharing.
From: Scott Manley <djsnm () djsnm com>
Date: Mon, 15 Sep 2003 14:12:40 -0700
Snort rules and port blocking of non-essential services are all very well but they'll never stop anything - anyone remember the CDC's much publicised 'Peek-a-Booty' I remember them commenting that it was going to run over SSL on port 443 by default - after all which sysadmin is going to shutdown SSL traffic on 443? And since it's SSL you're not going to be able to sniff it.
I'm not sure if there are any more popular p2p apps that could get away with this trick, so it's not a real threat for the moment.
You might want to look at vulnerability scanners, detecting the running client on a host machine is a good possibility, although many p2p clients can operate without listening ports on every host.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Blocking Music Sharing., (continued)
- Re: Blocking Music Sharing. Larry Roberts (Sep 15)
- Re: Blocking Music Sharing. Cael Abal (Sep 15)
- Re: Blocking Music Sharing. Denis Dimick (Sep 15)
- Re: Blocking Music Sharing. Nick FitzGerald (Sep 16)
- RE: Blocking Music Sharing. Andrews Carl 448 (Sep 15)
- Re: Blocking Music Sharing. David Loyd (Sep 15)
- Re: Blocking Music Sharing. Jedi/Sector One (Sep 15)
- Re: Blocking Music Sharing. David Loyd (Sep 15)
- Re: Blocking Music Sharing. Dimitri Limanovski (Sep 15)
- Re: Blocking Music Sharing. srenna (Sep 15)
- RE: Blocking Music Sharing. Todd Mitchell - lists (Sep 15)
- Re: Blocking Music Sharing. Scott Manley (Sep 15)
- Re: Blocking Music Sharing. srenna (Sep 15)
- RE: Blocking Music Sharing. Bergeron, Jared (Sep 15)
- IE Object Type Validation Vulnerability Exploit n30 (Sep 15)
- Re: IE Object Type Validation Vulnerability Exploit phlox (Sep 15)
- Re: IE Object Type Validation Vulnerability Exploit n30 (Sep 15)
- Re: IE Object Type Validation Vulnerability Exploit Andreas Marx (Sep 16)
- Re: IE Object Type Validation Vulnerability Exploit Cael Abal (Sep 16)
- Re: IE Object Type Validation Vulnerability Exploit morning_wood (Sep 18)
- Re: IE Object Type Validation Vulnerability Exploit Cael Abal (Sep 18)
- IE Object Type Validation Vulnerability Exploit n30 (Sep 15)
- Re: Blocking Music Sharing. Sam Baskinger (Sep 16)