Security Incidents mailing list archives

Re: Malicious use of grc.com


From: gabriel rosenkoetter <gr () eclipsed net>
Date: Tue, 27 Nov 2001 23:32:10 -0500

On Tue, Nov 27, 2001 at 12:46:09AM -0700, Blake McNeill wrote:
> Reading Steve Gibson's (or someone claiming to be Steve Gibson at least)
> response to questions concerning this on
> http://www.dslreports.com/forum/remark,1859774~root=security,1~mode=flat, he
> says and I quote, "In other words, it is COMPLETELY IMPOSSIBLE to use the
> ShieldsUP system to launch any sort of denial of service attack against
> anyone. It's simply not true."

Interesting...

Were you purposefully chopping out the relevant information in your
quote in order to make Mr. Gibson look bad? If not, then I
misunderstood you, but the above sort of comes off as sarcastic. At
any rate, I'm glad I bothered to read the post at the URL you
mentioned, and I hope other people will as well.

The important points that Steve (and let's just assume it's him,
shall we?) makes are that his software, on the server side, limits:

(a) bandwidth of the scanning to 400 bytes/sec
(b) the number of requests aimed at a given IP run at the same time
    to one

This rules out even the remote possibility of a DoS.

He also points out that this has been a known, and publicly stated,
issue since 10/28/99. You can complain about how long change has
been in coming, if you like, but that hardly seems to be content
relevant to the incidents mailing list.

It's still true that you can scan a host other than your own...
*ten* *ports* on that other host. Why waste the time? Go find
yourself a public area lab on a university campus or any of the
insanely many insecure 802.11B networks in any major city and scan
from there... you'll get the same (if not better) anonymity.

-- 
       ~ g r @ eclipsed.net
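
The two server-side limits described in the message above, sketched as an added example (not part of the original post and not GRC's code). It assumes the 400 bytes/sec cap is enforced per target with a token bucket; `ScanGuard`, the 40-byte probe size and the documentation address 192.0.2.10 are constructed for illustration.

```python
import time

RATE_BYTES_PER_SEC = 400  # limit (a) from the post; limit (b) is the one-scan slot below


class ScanGuard:
    """One scan per target IP at a time, with probe bytes paced by a token bucket."""

    def __init__(self, rate=RATE_BYTES_PER_SEC, clock=time.monotonic):
        self.rate = rate
        self.clock = clock
        self.active = {}   # target IP -> requester holding the single scan slot
        self.buckets = {}  # target IP -> (tokens, time of last refill)

    def start_scan(self, target, requester):
        """Claim the scan slot for target; False if a scan is already running."""
        if target in self.active:
            return False
        self.active[target] = requester
        self.buckets.setdefault(target, (float(self.rate), self.clock()))
        return True

    def finish_scan(self, target):
        self.active.pop(target, None)  # bucket is kept: a restart does not reset the budget

    def try_send(self, target, nbytes):
        """True if nbytes may go to target now; False means the caller must wait."""
        if target not in self.active:
            return False
        tokens, last = self.buckets[target]
        now = self.clock()
        tokens = min(float(self.rate), tokens + (now - last) * self.rate)
        allowed = nbytes <= tokens
        self.buckets[target] = (tokens - nbytes if allowed else tokens, now)
        return allowed


def simulate(seconds, probe_size=40, target="192.0.2.10"):
    """Constructed run: two requesters hammer one target. Returns (bytes sent, second scan accepted)."""
    now = [0.0]
    guard = ScanGuard(clock=lambda: now[0])
    guard.start_scan(target, "requester-a")
    second = guard.start_scan(target, "requester-b")  # refused by limit (b)
    sent = 0
    for tick in range(seconds * 100):  # advance a fake clock in 10 ms steps
        now[0] = tick / 100
        while guard.try_send(target, probe_size):  # send as fast as the guard allows
            sent += probe_size
    return sent, second
```

However hard the requesters push, the target receives at most one bucket of burst plus 400 bytes for each elapsed second.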
