[38922] in North American Network Operators' Group
Re: DDOS anecdotes
daemon@ATHENA.MIT.EDU (Jonas Luster)
Sat Jun 23 19:14:28 2001
Date: Sat, 23 Jun 2001 16:13:34 -0400
From: Jonas Luster <jluster@d-fensive.com>
To: nanog@merit.edu
Message-ID: <20010623161334.A12055@netwarriors.org>
Mail-Followup-To: Jonas Luster <jluster@d-fensive.com>,
nanog@merit.edu
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="wac7ysb48OaltWcw"
Content-Disposition: inline
In-Reply-To: <002001c0fc33$d3401da0$01c8a8c0@default>; from DaveHowe@gmx.co.uk on Sat, Jun 23, 2001 at 11:28:08PM +0100
Errors-To: owner-nanog-outgoing@merit.edu
--wac7ysb48OaltWcw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
* David Howe sez:
: As I understand it, the spoofing code is already available as a
: drop-in DLL - ZPacket.
winpcap has no problems installing itself, hiding itself and functioning
properly without needing a reboot or keystrokes. Whoever is clueful
enough to write a small trojan (and you don't need much clue for that),
will know how to have that trojan fetch winpcap from the 'net and how to
install it. If the dropin refuses to work without a reboot, the trojan
could simulate a crash and force the luser to reboot - Windozies don't
get suspicious if their machine hangs every once in a while.
Gibson knows that - a lot of people told him. He just refuses to
understand. He's simply a case of dangerously inflated ego combined with
lack of basic clue and way too good in bullshitting his way around.
--wac7ysb48OaltWcw
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE7NPhuLiBMm4sGvnURAjWhAJ9neEAZaRFYaxBUWKnik2l2khy0rgCfXN25
g7+aXSzAcETa4ao284HYmF8=
=oqX2
-----END PGP SIGNATURE-----
--wac7ysb48OaltWcw--
