Full Disclosure mailing list archives
Veriscum badness...
From: "MacDougall, Shane" <smacdougall () idanalytics com>
Date: Wed, 17 Sep 2003 15:31:41 -0700
Hmmm, couldn't somebody so motivated create a distributed tool that generates tons o' requests to random fake addresses? This would effectively cause a de facto DOS attack on Veriscum, but I'm not sure if it would be prosecutable since no actual site was being targeted... After all, if you happen to hit fakesites1.com, fakesites2.com, fakesites3.com, etc etc. who would be the affected party? The sites don't exist - there's no sysadmin scrambling to block the traffic, there's no hardware being hammered (directly at least). I don't think Veriscum would have a case because the requests weren't aimed at Veriscum or any of their subsidiaries... Just because they decided to point unresolved URLs to their site unilaterally doesn't seem to me to be basis enough for a complaint. Of course I could be (and often am) wrong. Just wondering... =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Shane MacDougall Lead Security Officer ID Analytics San Diego, California USA Direct: (858) 427-2860 Toll Free: 866-240-4484 x 2860 Fax: 858-427-2899 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Veriscum badness... MacDougall, Shane (Sep 17)