Sorry to see that things haven’t changed. 


While it’s certainly not as sexy as RCE, it’s damaging, can lead to data loss, 
and as you point out, an enterprise wide outage.


Found the first one of these in NT in 1998 while reversing Microsoft’s DCE-RPC 
implementation which at the time was not yet documented:




From: Dailydave <> on behalf of Dave 
Aitel <>
Date: Tuesday, August 8, 2017 at 11:27 AM
To: "" <>
Subject: [Dailydave] SMBLoris


So I know it's Microsoft Tuesday, but we've been working on that SMBLoris bug a 
bit more for release to customers as well, and as part of that, we're spending 
a lot of time thinking about it, as deceptively simple as it is.


The thing I'm wondering is why people outside of FinancialSec  think DoS is 
almost a non-issue. Most companies have only a few domain controllers, and when 
those go down, the company goes down. And they have to be reachable on these 
exact ports, from anywhere in the company, essentially. 


It seems like this is one of those things that got a tiny splash of attention, 
but could be worth more. :)




_______________________________________________ Dailydave mailing list 

Dailydave mailing list

Reply via email to