Dailydave mailing list archives

Re: Paul Vixie's response...

From: "Thomas Ptacek" <tqbf () matasano com>
Date: Sun, 13 Jul 2008 19:13:28 -0500

 i've got others (dan kaminsky, david dagon, florian weimer, CMU CERT, jinmei
 tatuya, john kristoff, ben laurie, bert hubert, sean leach) to vouch for me
 not being owned, at least regarding CERT VU# 800113.  i guess there's a way


What's awesome about this is that Vixie thinks that not being
vulnerable to cache poisoning means he's not owned.

 | > 3. Map this list of TXIDs into an internal RNG state using a rainbow
 | > table. This lets you predict the next set of TXID's with just a hash
 | > lookup.
 | > 4. Make a request for mail.google.com and send your spoofed packets to
 | > infect the cache.
 that is so cool!  thanks for all your great work.


What's awesome about this is that Vixie is making fun of you.

-- 
---
Thomas H. Ptacek // matasano security
read us on the web: http://www.matasano.com/log
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Paul Vixie's response... Dave Aitel (Jul 13)
- Re: Paul Vixie's response... Thomas Ptacek (Jul 13)