Bugtraq mailing list archives
Re: Router programming,source routes and spoofed ICMP attacks.
From: cider () elwha evergreen edu (Cyrus Durgin)
Date: Thu, 20 Jun 1996 19:58:38 -0700
On Thu, 20 Jun 1996, Alan Brown wrote:
I have the sourcecode to nuke.c and binaries of wnuke here but I'm not particularly happy with the thought of handing them out for obvious reasons, though they're probably readily available if one looks in the "right" places. AB
for a list which is well-respected for its reputation as a full-disclosure list, i'm always disappointed to see posts like this; not only are they contrary to the concept of a full-disclosure list, but they are also almost wholly unproductive. what better way to analyze, study, and finally develop protection against a security risk than to examine the source? by not posting the source, the poster is doing no one a favor, because, as the quote above suggests, those who will use the code for illicit purposes will just go out to the "right" places and get it themselves. making others aware of a risk is only useful so long as they are able to defend against it. if your house is on fire, and i tell you it's on fire, but not how to extinguish the fire, the knowledge that it is on fire does not do you very much good. security through obscurity has always been a weak tactic, and is frequently more than weak: it is frequently outright dangerous. -Cyrus Durgin cider () elwha evergreen edu "If carpenters made buildings the way programmers make programs, the first woodpecker to come along would destroy all of civilization." -Anon. ****************************************************************************** Key fingerprint = 5D A5 52 5C 5E B7 F1 AB E1 2D 90 BE 19 34 35 54 mail for PGP public key ******************************************************************************
Current thread:
- Sendmail 6.x+ holes? Robert A. Boyd (Jun 19)
- Re: Sendmail 6.x+ holes? Alan Brown (Jun 19)
- Re: Sendmail 6.x+ holes? Kari E. Hurtta (Jun 20)
- Re: Sendmail 6.x+ holes? Roland Dobbins (Jun 20)
- Re: Sendmail 6.x+ holes? martinh () mailhost emap co uk (Jun 24)
- Re: Sendmail 6.x+ holes? Henry W. Farkas (Jun 24)
- Re: Sendmail 6.x+ holes? Kari E. Hurtta (Jun 20)
- Router programming,source routes and spoofed ICMP attacks. Alan Brown (Jun 19)
- Re: Router programming,source routes and spoofed ICMP attacks. Brian Mitchell (Jun 20)
- Re: Router programming,source routes and spoofed ICMP attacks. Alan Brown (Jun 22)
- Re: Router programming,source routes and spoofed ICMP attacks. Brian Mitchell (Jun 24)
- Re: Router programming,source routes and spoofed ICMP attacks. Brian Mitchell (Jun 20)
- Re: Router programming,source routes and spoofed ICMP attacks. Cyrus Durgin (Jun 20)
- Re: Router programming,source routes and spoofed ICMP attacks. Yiorgos Adamopoulos (Jun 21)
- Administratrivia Aleph One (Jun 21)
- Write-only devices (Was read only devices) Paul C Leyland (Jun 21)
- Re: Write-only devices (Was read only devices) Piete Brooks (Jun 21)
- Re: Write-only devices (Was read only devices) [via LSMTP - see Paul C Leyland (Jun 24)
- nuke *Hobbit* (Jun 21)
- Re: nuke Rowan Smith (Jun 24)
- Re: nuke Vadim Kolontsov (Jun 24)
- Re: nuke Chris A. Petro (Jun 26)
- Re: Sendmail 6.x+ holes? Alan Brown (Jun 19)