Re: [cobalt-security] RE: OT: Mail to Windows Admins (WAS: Hacking Hacking My RAQ4i)

[Ted Behling <TBehling@xxxxxxxxxxxxx>]

At 10:57 PM 8/6/01 -0500, Michael J. Cannon wrote:
>Oh, goody...so, during a time when the packet loss, traffic levels and
>overall affectors of Internet Lag Time are at their highest levels in a
>while, you folks are gonna look up a DNS RARP, then manually reverse-DNS the
>result, do a who-is to the INTERNIC (or ARINC or other TLD authority), and
>then send a quantity of email to IP addresses that could have been spoofed.
>How much traffic is that?  Isn't this 'cure' worse than the disease?

*sniff*  *sniiiff*  Hmm, what's that smell?  Smells like somebody used a
flamethrower in here...

I'm sorry to have annoyed you.  You're right, this would generate a rather
lot of traffic.  In posting my message, I was trying to assist another list
member in developing his idea without passing judgement on it, good or bad.

BTW, just so you know, DNS and RARP are unrelated protocols ("look up a DNS
RARP", above).  He'd actually be doing a DNS PTR lookup.  Another minor
point, InterNIC is no longer Network Solutions; it's now ICANN.

--------------------------------------------------------------------------
Ted Behling, Web Application Developer - Monarch Information Systems, Inc.

43 Folly Field Road, Unit 4, Hilton Head Island, SC 29928-5434
E-mail: mailto:TBehling@xxxxxxxxxxxxx
Phone/Fax: 1-800-842-7894    Local or Outside the USA: 1-843-842-7894
Cell Phone (urgent issues): 843-816-7895
Cell Phone E-mail: mailto:TedPhone@xxxxxxxxxxxxx (116 letter limit)
Web site: http://www.MonarchIS.net
--------------------------------------------------------------------------