Full Disclosure mailing list archives
Re: Denial of Service in WordPress
From: Cool Hand Luke <coolhandluke () coolhandluke org>
Date: Sat, 29 Jun 2013 20:36:51 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 06/28, Julius Kivimäki wrote:
If one wants to conduct such attacks, would it not be a million times easier for them to use infected hosts to do thousands of requests per second? (Per computer). Can you come up with a scenario where this "attack" would actually be useful?
no, he can't. there isn't such a scenario. this is one of those situations where in theory he is correct but in reality this is simply not an issue. there are a thousand other attacks one could do that would be more efficient and more effective (which others have been trying to explain to him) but he refuses to listen and insists this is a major problem. this is *not* an issue -- which is why everyone has been ignoring it for 5.5 years. - -chl - -- cool hand luke -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQF8BAEBCgBmBQJRz0VjXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ5RUE3NjY3OTY3NTE0RjAyMDgyRTNBQzAy QkE2NTVENTVDODgzNUVCAAoJECumVdVciDXrtT4IAJwAnbWUWrzLXuX29QO9Wsk1 nWbwOF4t0QgPaCnQckwD9r6a5/EpUIjSRD00yweXjL12ZX4RobtI18tri+h2bor3 xq9PQgsHCLe1XdU4CSAmmKpVb7Bd5YJExxH/JQJbZQdQS/KNZFvdGBKHsN4O6WYr E28H5kggpcBF1++iWp2WEBLdyoW9bGdRvtPukDkLOnLUGU28IAhxCtOlYGnjz1LE QmQvT3U4325sOKNJCdCuw3kCYnEEHY3/PlVDd/uVEiWt9w8mVzzTbUI3rjwYVagM VV9urMW9XnaaZ5VFQEUluh3jtofgfrd9d97/x/vSj2cuGMOSgvKbRg/T5XIg6JM= =7+mT -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Denial of Service in WordPress MustLive (Jun 27)
- Re: Denial of Service in WordPress Ryan Dewhurst (Jun 27)
- Re: Denial of Service in WordPress MustLive (Jun 27)
- Re: Denial of Service in WordPress Julius Kivimäki (Jun 27)
- Re: Denial of Service in WordPress MustLive (Jun 28)
- Re: Denial of Service in WordPress Jann Horn (Jun 28)
- Re: Denial of Service in WordPress Julius Kivimäki (Jun 29)
- Re: Denial of Service in WordPress Cool Hand Luke (Jun 30)
- Re: Denial of Service in WordPress MustLive (Jun 27)
- Re: Denial of Service in WordPress Ryan Dewhurst (Jun 27)
- Re: Denial of Service in WordPress Jann Horn (Jun 27)
- Re: Denial of Service in WordPress Michal Zalewski (Jun 27)
- Re: Denial of Service in WordPress MustLive (Jun 29)
- Re: Denial of Service in WordPress Michal Zalewski (Jun 29)