Veriscum badness...

["MacDougall, Shane" <smacdougall () idanalytics com>]

Hmmm, couldn't somebody so motivated create a distributed tool that
generates tons o' requests to random fake addresses? This would
effectively cause a de facto DOS attack on Veriscum, but I'm not sure if
it would be prosecutable since no actual site was being targeted...

After all, if you happen to hit fakesites1.com, fakesites2.com,
fakesites3.com, etc etc. who would be the affected party? 
The sites don't exist - there's no sysadmin scrambling to block the
traffic, there's no hardware being hammered (directly at least). I don't
think Veriscum would have a case because the requests weren't aimed at
Veriscum or any of their subsidiaries... Just because they decided to
point unresolved URLs to their site unilaterally doesn't seem to me to
be basis enough for a complaint. Of course I could be (and often am)
wrong.

Just wondering...

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Shane MacDougall
Lead Security Officer
ID Analytics
San Diego, California USA
Direct: (858) 427-2860
Toll Free: 866-240-4484 x 2860
Fax: 858-427-2899

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html