|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Joey Mengele (joey.mengele
hushmail.com)
Date: Fri Apr 18 2008 - 10:20:20 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Valdis,
On Fri, 18 Apr 2008 11:11:41 -0400 Valdis.Kletnieksvt.edu wrote:
>Yes, but although we have evidence that a DDoS of some sort is
>underway,
>we have *ZERO*, *ZIP*, *ZILTCH*, *GOOSE-EGG* indication that an
>XSS was
>involved. For all you know, it was an iframe injection into
>clients that
>visited a compromised webserver that downloaded the DDoS tool.
>
Where is the proof of this iframe injection that you claim? I doubt
such a technique even exists.
>Sounds more like a "textbook case of calling it an XSS because
>when you only
>have a hammer everything looks like a nail".
I find this idea flawed.
J
--
Click here to double your salary by becoming a medical transcriber.
http://tagline.hushmail.com/fc/Ioyw6h4eKoYHImzrEsXlNtMLmPc3SuamsTou11HtdoKWt3rjJZe4uU/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]