|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Rainer Duffner (duffner
FH-KONSTANZ.DE)Date: Thu Feb 15 2001 - 23:03:18 CST
On Thu, 15 Feb 2001, Jonathan S. Keim wrote:
> hi all,
>
> does anyone have information on the recourse technologies product
> "manhunt" or anything else that's not on their web pages?
The vulnerabilities 1908,1909 and 1913 in the database do count, too ?
> (for those that don't want to go to www.recourse.com and read up on the
> product. there's also some info in the pen-test archives starting
> 10/2/00.)
>
> what i'm really interested in is manhunt's dependence on other manhunt
> products, as well as network infrastructure. the FAQ says that each
> manhunt monitor can communicate with other manhunts upstream and
> downstream to coordinate information gathering and to perform tracing of
> a denial of service attack. this seems like it has a real vulnerability
> from saturation of the communication links between up/downstream
> monitors...
This is always a problem with remotely managed kit, IMHO.
Even if you have a management-network dedicated to the task, the amount
of traffic can be quiet large.
If you (or someone else) can DoS the management-network, there's not
much left to do. See a recent slashdot-piece on the attack on undernet
and what it did to their network as a whole.
ciao,
Rainer
-- ======================================== Rainer Duffner , Konstanz, Germany eMail: duffner
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]