TLDR: Sockets/connections can always be exhausted at the app level based on
the hardware, configuration, and design.

1. Discuss <InsertDaemonNameHere>loris.
2. Hype the media on #1
3. Discuss that DOS is still bad (no debate)
4. Inform users of configuration/rate limiting opportunities/hardware/fault
tolerance design (to the extent you can)
5. Profit from #4

- Robert

On Tue, Aug 8, 2017 at 12:15 PM, Konrads Smelkovs <
konrads.smelk...@gmail.com> wrote:

> Mostly due to BCP. Guys that do construction can probably live without a
> domain controller for a bit
>
> --
> Konrads Smelkovs
> Applied IT sorcery.
>
> On 8 August 2017 at 19:27, Dave Aitel <dave.ai...@gmail.com> wrote:
>
>> So I know it's Microsoft Tuesday, but we've been working on that SMBLoris
>> bug a bit more for release to customers as well, and as part of that, we're
>> spending a lot of time thinking about it, as deceptively simple as it is.
>>
>> The thing I'm wondering is why people outside of FinancialSec  think DoS
>> is almost a non-issue. Most companies have only a few domain controllers,
>> and when those go down, the company goes down. And they have to be
>> reachable on these exact ports, from anywhere in the company, essentially.
>>
>> It seems like this is one of those things that got a tiny splash of
>> attention, but could be worth more. :)
>>
>> -dave
>>
>>
>> _______________________________________________
>> Dailydave mailing list
>> Dailydave@lists.immunityinc.com
>> https://lists.immunityinc.com/mailman/listinfo/dailydave
>>
>>
>
> _______________________________________________
> Dailydave mailing list
> Dailydave@lists.immunityinc.com
> https://lists.immunityinc.com/mailman/listinfo/dailydave
>
>
_______________________________________________
Dailydave mailing list
Dailydave@lists.immunityinc.com
https://lists.immunityinc.com/mailman/listinfo/dailydave

Reply via email to