Re: [Dailydave] SMBLoris

Mostly due to BCP. Guys that do construction can probably live without a domain controller for a bit -- Konrads Smelkovs Applied IT sorcery. On 8 August 2017 at 19:27, Dave Aitel wrote: > So I know it's Microsoft Tuesday, but we've been working on that SMBLoris > bug a

Re: [Dailydave] SMBLoris

Sorry to see that things haven’t changed. While it’s certainly not as sexy as RCE, it’s damaging, can lead to data loss, and as you point out, an enterprise wide outage. Found the first one of these in NT in 1998 while reversing Microsoft’s DCE-RPC implementation which at the time was

[Dailydave] SMBLoris

So I know it's Microsoft Tuesday, but we've been working on that SMBLoris bug a bit more for release to customers as well, and as part of that, we're spending a lot of time thinking about it, as deceptively simple as it is. The thing I'm wondering is why people outside of FinancialSec think DoS