Date: Wed, 12 Aug 1998 08:35:30 -0700 From: bmah@CA.Sandia.GOV (Bruce A. Mah) To: Marius Bendiksen <Marius.Bendiksen@scancall.no> Cc: bmah@california.sandia.gov, freebsd-security@FreeBSD.ORG Subject: Re: UDP port 31337 Message-ID: <199808121535.IAA17703@stennis.ca.sandia.gov> In-Reply-To: Your message of "Wed, 12 Aug 1998 17:12:53 %2B0200." <3.0.5.32.19980812171253.00964bc0@mail.scancall.no>
next in thread | previous in thread | raw e-mail | index | archive | help
--==_Exmh_808271632P Content-Type: text/plain; charset=us-ascii If memory serves me right, Marius Bendiksen wrote: > But, as you pointed out, I didn't suggest this. What I suggested was > simulating > the presence of exploitable features in the system, and logging attempts to > use > such exploits. Presumably with humans in the loop at some level, was my main point here, that was all. [snip] > ich would have configurable attack-report levels and responses. If > someone is > trying to do the BO equivalent of rm -rf / on your system, they're > attacking. I > will *not* be convinced that they actually tried such a thing as _that_ to > get > a free PGP cracker ;) Or they were tricked into it by another Trojan horse. But you're quite right, I'm *much* less likely to believe that someone apparently trying a BO attack was "just testing" or some nonsense like that, compared to someone doing a telnet. Cheers, Bruce. --==_Exmh_808271632P Content-Type: application/pgp-signature -----BEGIN PGP MESSAGE----- Version: 2.6.2 iQCVAwUBNdG2QqjOOi0j7CY9AQFpwAP/ZubW0GWqvcQXDbCuPZjyU6aNiFjVbP3P D5gUKrsRRoKfuK+HLHGVieV5X2d3c7v5tMnw931W6MuCbmVO82rQDGkoJ1NLFWuy ds+yOSdzhCA4qu2ZY4N+ayMpNaX77aFhzYrqVW7cwnRdcj53TaZlFZTaVk1EylR3 e1/pkFeGSmQ= =ti1m -----END PGP MESSAGE----- --==_Exmh_808271632P-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199808121535.IAA17703>