Security Incidents mailing list archives

Re: Analysis: AboveNet attacks

From: filipg () CORONA EPS PITT EDU (Filip M. Gieszczykiewicz)
Date: Mon, 8 May 2000 10:20:44 -0400


On Thu, 4 May 2000, Robert G. Ferrell wrote:

In penetration tests I have been involved with, any information I
acquire about the networks and systems that I otherwise wouldn't know
makes it much easier for me to find the weakness(es) in the defenses I
am testing.


On the flip side of the coin, a truly clever company might make available
intentionally false network/security architecture information, just to confuse
potential attackers a bit.


Not 'confuse' so much as 'fingerprint' a possible attack. If you get 5
hits on machines that don't exist along with a series of probes that
yield data... you might have something interesting...

Current thread:

Re: Analysis: AboveNet attacks Richard Bejtlich (May 01)
- Re: Analysis: AboveNet attacks Robert Graham (May 02)
  - Re: Analysis: AboveNet attacks Ville (May 06)
- Re: Analysis: AboveNet attacks Paul Cardon (May 02)
- <Possible follow-ups>
- Re: Analysis: AboveNet attacks Laura Taylor (May 03)
- Re: Analysis: AboveNet attacks Robert G. Ferrell (May 04)
  - Re: Analysis: AboveNet attacks Filip M. Gieszczykiewicz (May 08)