Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: [Full-disclosure] n3td3v group calls on RSA to clarify their stance
From: Scott T. Cameron (scameronroutehero.com)
Date: Sat Apr 01 2006 - 07:44:31 CST
On Sat, Apr 01, 2006 at 05:34:20AM +0100, n3td3v wrote:
> No one actually knows how RSA are carrying out their database attacks yet,
> hence the reason I called for clarity on the issue. But I really am suspect
> about the exact technical setup of the attacks that the RSA are carrying out
> against fake logins and their databases. Theres no way however they could
> carry out world wide attacks on hundreds of fake login targets, without the
> use of more than one ip host. And whats the definition of a bot network,
> isn't it more than one computer used to send data? In which case you would
> need to define the RSA as using a bot network to send their fake raw data to
> fake world wide phishing targets. And if they are, is it ok for everyone
> else to join in. No I didn't say I had a botnet, and I didn't say I was
> attacking anything, all I asked was for RSA to clarify their stance, to make
> it clear that its ok or not ok for everyone to join in the attacks they
> recommended via the Cnet news article as a good method to beat phishers.
You realize ARIN assigns blocks of IPs, right? In various parts of North America? Then you have RIPE for your precious UK.
I would be completely overwhelmed if RSA had more than a /30 from their provider. That is unfathomable.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/