[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] RE: OT: Mail to Windows Admins (WAS: Hacking Hacking My RAQ4i)
- Subject: [cobalt-security] RE: OT: Mail to Windows Admins (WAS: Hacking Hacking My RAQ4i)
- From: "Michael J. Cannon" <mcannon@xxxxxxxxxxxxxx>
- Date: Mon, 6 Aug 2001 22:57:01 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
QUOTE:
RE: "If I were writing the script, I'd first do a reverse DNS lookup
to get the domain name, then strip the full hostname (i.e.,
server.example.com) down to the 2nd-level domain name (example.com), then
do a whois lookup (whois -h whois.networksolutions.com example.com), and
finally send e-mail to the administrative and technical contacts for the
domain."
ENDQUOTE
Oh, goody...so, during a time when the packet loss, traffic levels and
overall affectors of Internet Lag Time are at their highest levels in a
while, you folks are gonna look up a DNS RARP, then manually reverse-DNS the
result, do a who-is to the INTERNIC (or ARINC or other TLD authority), and
then send a quantity of email to IP addresses that could have been spoofed.
How much traffic is that? Isn't this 'cure' worse than the disease?
Grow up, people. Educate YOURSELVES. Stealth your ports, redirect them,
drop packets, 'hook' the probes and, if you must, or have SERIOUS problems,
report the offenders to their ISP or simply black hole them.
Don't become part of the problem, in order to solve it. If you don't know
what you're doing, don't do anything. Go back to your porn, stock quotes
and /.
Mike