Network Security: Detailed info on Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80

from [Joey Mengele] Network Security

[Permanent Link]

Subject:	Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80
Date:	Fri, 18 Apr 2008 11:20:20 -0400

Valdis,

On Fri, 18 Apr 2008 11:11:41 -0400 Valdis.Kletnieks@vt.edu wrote:

Yes, but although we have evidence that a DDoS of some sort is 
underway,
we have *ZERO*, *ZIP*, *ZILTCH*, *GOOSE-EGG* indication that an 
XSS was
involved.  For all you know, it was an iframe injection into 
clients that
visited a compromised webserver that downloaded the DDoS tool.


Where is the proof of this iframe injection that you claim? I doubt 
such a technique even exists.

Sounds more like a "textbook case of calling it an XSS because 
when you only
have a hammer everything looks like a nail".


I find this idea flawed.

J

--
Click here to double your salary by becoming a medical transcriber.
http://tagline.hushmail.com/fc/Ioyw6h4eKoYHImzrEsXlNtMLmPc3SuamsTou11HtdoKWt3rjJZe4uU/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-disclosure] lots of connections to 64.40.117.19 port 80, Ganbold Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, Michael Holstein Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, Guido Landi Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, Joey Mengele Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, news Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, php0t Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, Joey Mengele Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, Joey Mengele <= Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, news Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, Joey Mengele Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, news Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, Valdis . Kletnieks Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, Joey Mengele Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, news Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, Joey Mengele Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, Joey Mengele Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, offbitz Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, mcwidget

Previous by Date:	Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, Joey Mengele
Next by Date:	Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, Joey Mengele
Previous by Thread:	Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, Joey Mengele
Next by Thread:	Re: [Full-disclosure] lots of connections to 64.40.117.19 port 80, news
Indexes:	[Date] [Thread] [Top] [All Lists]