Re: smk

[c0n <root () DEF-CON ORG>]

I think that I actually lost brain cell's by reading that.
It just hurt my head to think anyone could be so misinformed.

"I will use the NON-R0UTABLE 127.0.0.1 client setting for this demonstration (most commonly used IP for LAN settings)"

What?
ok, sure.

-c0n

The greatest of all faults is to be conscious of none
-Thomas Carlyle 1795-1881

On Wed, 10 Jan 2001, Ryan Permeh wrote:
> perhaps this just wasn't written in a way i could understand, but from what
> i gathered, it looked like they were trying to do some kind of dns
> redirection attack, paired with the routing of the loopback address(not even
> sure why anyone would want to route this, since it ususally will never even
> send a packet on the wire). I'm not certain i'm seeing any new
> vulnerabilities, or any vulnerabilities at all.  it wasn't written in a way
> where i could understand their test scenarios, or the processes they used,
> or even really what the end result should have been.  perhaps someone who
> read this and understood it better could comment further, but from the
> information in there, i couldn't see any problems, ither than a presupposed
> NIC Registry spoof and a bad routing table on router X.
> Signed,
> Ryan
> eEye Digital Security Team
> http://www.eEye.com
>
> ----- Original Message -----
> From: "Jim Carr" <viper () BEA COM>
> To: <VULN-DEV () SECURITYFOCUS COM>
> Sent: Tuesday, January 09, 2001 10:51 AM
> Subject: smk
>
>
> > I haven't heard any chat about this from Stray Mountain Kitty about a NAT
> > exploit.
> > http://www.cryptography.ws/smk/smk-vun.001.001.htm
> >
> > Has anyone have any ideas or heard about this?
> >
> > Viper Team
> > viper () bea com
--