Full Disclosure mailing list archives
Re: Regarding RSnake FD
From: Jah wont_pay_the_bills <stopthesesdude () gmail com>
Date: Thu, 18 Jun 2009 07:03:07 -0400
I'm out of doobies, and i get nervous when i read lines like this : "=head1 AFFECTS Apache 1.x, Apache 2.x, dhttpd, GoAhead WebServer, Squid, others...? =head1 NOT AFFECTED IIS6.0, IIS7.0, lighthttpd, others...?" 2009/6/18 sl@cker <sl () ckers org>
Chill, the Apache folks said it was OK...maybe you should have read the whole post. security () apache org: "DoS attacks by tying up TCP connections are expected. Please see: http://httpd.apache.org/docs/trunk/misc/security_tips.html#dos Regards, Joe" The Apache guys clearly stated that this was expected behavior, we simply made another test case for the "expected", why the outrage? Additionally there are ways to defend against this already, which also cover other DoS attacks, not to mention most enterprises with load balancers aren't affected anyway (F5 and Netscaler tested). -id ha.ckers.org >Hey, > >Regarding this script-kiddie perfect tool >http://milw0rm.com/exploits/8976and this article : >http://ha.ckers.org/blog/20090617/slowloris-http-dos/ > >Are you fucking NUTS ? > >What's your point ? you wanna get famous ?, need attention or something ? or >it's a commercial issue ? > >What gives you the right to give that knowledge to any unknowledged kids >arounds ? > >You feel hot or wanna feel hot or something ? > >Dude, your a fucking prick. > >Now lot's of enterprises are in deep shit, feeling happy with it ? >Feeling the blackhat adrenaline groing in you ? >You're a kid that doesnt understand an oz of your disclosure. > >You're an asshole who doesnt even understand what means work in the security >industry. >I guess you're like Aelphaeis Mangarae, who like to talk about, why we >should say fuck u to FD while posting NOOBS paper about PHP security issue >on MILW0RM >GET A FUCKING BRAIN ASSHOLE, you're a real prick. ~ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Regarding RSnake FD sl@cker (Jun 18)
- Re: Regarding RSnake FD Jah wont_pay_the_bills (Jun 18)
- Re: Regarding RSnake FD RoMeO (Jun 18)