Penetration Testing mailing list archives
Re: [PEN-TEST] Recourse Tech. and Manhunt
From: Rainer Duffner <duffner () FH-KONSTANZ DE>
Date: Fri, 16 Feb 2001 06:03:18 +0100
On Thu, 15 Feb 2001, Jonathan S. Keim wrote:
hi all, does anyone have information on the recourse technologies product "manhunt" or anything else that's not on their web pages?
The vulnerabilities 1908,1909 and 1913 in the database do count, too ?
(for those that don't want to go to www.recourse.com and read up on the product. there's also some info in the pen-test archives starting 10/2/00.) what i'm really interested in is manhunt's dependence on other manhunt products, as well as network infrastructure. the FAQ says that each manhunt monitor can communicate with other manhunts upstream and downstream to coordinate information gathering and to perform tracing of a denial of service attack. this seems like it has a real vulnerability from saturation of the communication links between up/downstream monitors...
This is always a problem with remotely managed kit, IMHO. Even if you have a management-network dedicated to the task, the amount of traffic can be quiet large. If you (or someone else) can DoS the management-network, there's not much left to do. See a recent slashdot-piece on the attack on undernet and what it did to their network as a whole. ciao, Rainer -- ======================================== Rainer Duffner , Konstanz, Germany eMail: duffner () fh-konstanz de rainer.duffner () surf24 de http://www-stud.fh-konstanz.de/duffner/ ========================================
Current thread:
- [PEN-TEST] Recourse Tech. and Manhunt Jonathan S. Keim (Feb 15)
- Re: [PEN-TEST] Recourse Tech. and Manhunt Rainer Duffner (Feb 16)
- Re: [PEN-TEST] Recourse Tech. and Manhunt Bill Pennington (Feb 16)