Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1996_2

Bugtraq archives for 2nd quarter (Apr-Jun) 1996: Re: Router programming,source routes and spoofed ICMP attacks.

Re: Router programming,source routes and spoofed ICMP attacks.

Cyrus Durgin (ciderelwha.evergreen.edu)
Thu, 20 Jun 1996 19:58:38 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Matt Zimmerman: "Re: Read only devices (Re: BoS: amodload.tar.gz - ...)"
Previous message: Brett Lymn: "Re: BoS: amodload.tar.gz - dynamic SunOS modules"
In reply to: Alan Brown: "Router programming,source routes and spoofed ICMP attacks."
Next in thread: Yiorgos Adamopoulos: "Re: Router programming,source routes and spoofed ICMP attacks."

On Thu, 20 Jun 1996, Alan Brown wrote:

>
> I have the sourcecode to nuke.c and binaries of wnuke here but I'm not
> particularly happy with the thought of handing them out for obvious
> reasons, though they're probably readily available if one looks in the
> "right" places.
>
> AB
>

for a list which is well-respected for its reputation as a full-disclosure
list, i'm always disappointed to see posts like this; not only are they
contrary to the concept of a full-disclosure list, but they are also
almost wholly unproductive.  what better way to analyze, study, and
finally develop protection against a security risk than to examine the
source?  by not posting the source, the poster is doing no one a favor,
because, as the quote above suggests, those who will use the code for
illicit purposes will just go out to the "right" places and get it
themselves.  making others aware of a risk is only useful so long as they
are able to defend against it.  if your house is on fire, and i tell you
it's on fire, but not how to extinguish the fire, the knowledge that it is
on fire does not do you very much good.  security through obscurity has
always been a weak tactic, and is frequently more than weak: it is
frequently outright dangerous.

-Cyrus Durgin
ciderelwha.evergreen.edu

     "If carpenters made buildings the way programmers make programs, the
     first woodpecker to come along would destroy all of civilization."
                                                                   -Anon.
******************************************************************************
     Key fingerprint =  5D A5 52 5C 5E B7 F1 AB  E1 2D 90 BE 19 34 35 54
                             mail for PGP public key
******************************************************************************

Next message: Matt Zimmerman: "Re: Read only devices (Re: BoS: amodload.tar.gz - ...)"
Previous message: Brett Lymn: "Re: BoS: amodload.tar.gz - dynamic SunOS modules"
In reply to: Alan Brown: "Router programming,source routes and spoofed ICMP attacks."
Next in thread: Yiorgos Adamopoulos: "Re: Router programming,source routes and spoofed ICMP attacks."