--- [EMAIL PROTECTED] wrote:
What's this mean? It means that if you
scan some lame-ass system and it
crashes as a result, you might be in deep
shit. And it shouldn't have
crashed from a portscan does *not* hold
up in court.
Having done pen-testing in the past I have disabled (dos-ed)
systems
Believe it or not, it was a Nokia running CheckPoint NG, but not well
configured.
Because the network was taking a lot of traffic during normal ops so no
problems (yet). However it was taken down by a broadcast storm earlier.
I was running multiple SYN-scan sessions of nmap with agressive
n3td3v,
You wrote:
threat meters:
Seriously, threat meters are
a waste of time and should be scraped by all.
I am not a big fan of them
either unless they are implemented well, meaning there are concrete reasons
to go from one state to the other and each state has specific actions attached
All,
I have read the Microsoft advisory and the alarm bells started to
whistle ;)
As fas a I can read this open the door to fully self propagating
email worms with whatever payload you desire.
Yet, sans.org, symantec and
us-cert.gov still have their threat levels on 1.
What am I missing,
a) Installing the patch breaks Black Berry workaround is an active directory
modification
b) Implementing the workaround will cause loss of functionality
c) The patch is currently being reverse engineered to find out what it is
that is broken (by different people for different intends)
a + b + c