Re: Wow. Just what we need

[Andrew S. Baker]

Yes, thanks.  This was an awesome read.





*ASB
**http://XeeMe.com/AndrewBaker* *
**Providing Virtual CIO Services (IT Operations & Information Security) for
the SMB market…***





On Thu, Feb 7, 2013 at 11:30 AM, Steven M. Caesare wrote:

> Great read, and indeed an interesting compliment to Wireshark... good
> stuff thanks Kurt.
>
> -sc
>
> > -Original Message-
> > From: Kurt Buff [mailto:kurt.b...@gmail.com]
> > Sent: Wednesday, February 6, 2013 8:24 PM
> > To: NT System Admin Issues
> > Subject: Wow. Just what we need
> >
> > A limited threat, but a good one:
> >
> > Packet of death
> > http://blog.krisk.org/2013/02/packets-of-death.html
> >
> > Also,
> > https://isc.sans.edu/diary/Intel+Network+Card+%2882574L%29+Packet+of+
> > Death/15109
> > - see the comment...
> >
> > What a brilliant sleuthing job, though, and a mention of a tool that's
> new to
> > me and possibly quite promising.
> >
> > Kurt
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
> >   ~
> >
> > ---
> > To manage subscriptions click here: http://lyris.sunbelt-
> > software.com/read/my_forums/
> > or send an email to listmana...@lyris.sunbeltsoftware.com
> > with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Wow. Just what we need

[Steven M. Caesare]

Great read, and indeed an interesting compliment to Wireshark... good stuff 
thanks Kurt.

-sc

> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Wednesday, February 6, 2013 8:24 PM
> To: NT System Admin Issues
> Subject: Wow. Just what we need
> 
> A limited threat, but a good one:
> 
> Packet of death
> http://blog.krisk.org/2013/02/packets-of-death.html
> 
> Also,
> https://isc.sans.edu/diary/Intel+Network+Card+%2882574L%29+Packet+of+
> Death/15109
> - see the comment...
> 
> What a brilliant sleuthing job, though, and a mention of a tool that's new to
> me and possibly quite promising.
> 
> Kurt
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
>   ~
> 
> ---
> To manage subscriptions click here: http://lyris.sunbelt-
> software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Wow. Just what we need

[Ben Scott]

On Thu, Feb 7, 2013 at 8:58 AM, Ziots, Edward  wrote:
> ... use Ping with a Backtrack R3 machine, I am trying to find a way
> to see if I can send pings to entire subnets to see if stuff will drop...

  FYI, on most Linux systems, "ping -b" will send broadcast packets.
So if you're on 192.0.2.0/24, you can do:

ping -b 192.0.2.255

  Note that not all IP stacks respond to broadcast pings.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Wow. Just what we need

[Ziots, Edward]

Just what I was reading, use Ping with a Backtrack R3 machine, I am trying to 
find a way to see if I can send pings to entire subnets to see if stuff will 
drop... 

Z

Edward E. Ziots, CISSP, Security +, Network +
Security Engineer
Lifespan Organization
ezi...@lifespan.org

This electronic message and any attachments may be privileged and confidential 
and protected from disclosure. If you are reading this message, but are not the 
intended recipient, nor an employee or agent responsible for delivering this 
message to the intended recipient, you are hereby notified that you are 
strictly prohibited from copying, printing, forwarding or otherwise 
disseminating this communication. If you have received this communication in 
error, please immediately notify the sender by replying to the message. Then, 
delete the message from your computer. Thank you.




-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Wednesday, February 06, 2013 8:24 PM
To: NT System Admin Issues
Subject: Wow. Just what we need

A limited threat, but a good one:

Packet of death
http://blog.krisk.org/2013/02/packets-of-death.html

Also,
https://isc.sans.edu/diary/Intel+Network+Card+%2882574L%29+Packet+of+Death/15109
- see the comment...

What a brilliant sleuthing job, though, and a mention of a tool that's new to 
me and possibly quite promising.

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Wow. Just what we need

[Kurt Buff]

On Wed, Feb 6, 2013 at 7:03 PM, Ben Scott  wrote:
> On Wed, Feb 6, 2013 at 8:23 PM, Kurt Buff  wrote:
>> Packet of death
>> http://blog.krisk.org/2013/02/packets-of-death.html
>
>   P.S.: From the author, in the comments: "[Intel] considered this
> issue to be completely isolated to me. Once I deployed my fix it was
> "case closed" and they stopped my replying to further inquiries. The
> entire purpose of this post was to find other affected users (which
> has been successful).  Intel has a fix, they just need to release it."
>
>   Boo to Intel for sweeping bugs under the rug again.
>
> -- Ben

Indeed. I have expected better from Intel for a long time - this is
very disappointing.

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Wow. Just what we need

[Ben Scott]

On Wed, Feb 6, 2013 at 8:23 PM, Kurt Buff  wrote:
> Packet of death
> http://blog.krisk.org/2013/02/packets-of-death.html

  P.S.: From the author, in the comments: "[Intel] considered this
issue to be completely isolated to me. Once I deployed my fix it was
"case closed" and they stopped my replying to further inquiries. The
entire purpose of this post was to find other affected users (which
has been successful).  Intel has a fix, they just need to release it."

  Boo to Intel for sweeping bugs under the rug again.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Wow. Just what we need

[Ben Scott]

On Wed, Feb 6, 2013 at 8:23 PM, Kurt Buff  wrote:
> A limited threat, but a good one:
>
> Packet of death
> http://blog.krisk.org/2013/02/packets-of-death.html

  Wow.  The author's investigation of the issue is quite impressive.
As is his workaround for vendor brain damage on redistributing the
fix.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin