Good Reading

[-(Xyphox)-]

So i figured every now and than we need some good reading, so here is a story of a classic attacks.

http://www.grc.com/dos/grcdos.htm
Another Attack in 2002, Some more good reading
http://www.grc.com/dos/drdos.htm

 

[AMD[H]unter]

Good stuff, man

 

[-(Xyphox)-]

Good stuff, man

Thanks, it is always nice to read about attacks, specially at this scale
i found this when i bought spinrite awhile back and thought everyone might like the read

 

[AMD[H]unter]

I just finished it. AWESOME read, and I learned alot too.

 

[-(Xyphox)-]

I just finished it. AWESOME read, and I learned alot too.

yeah, The first time i did i learned a lot also, maybe mod will make it a sticky and everyone can learn from it

 

[AMD[H]unter]

Maybe put it in the Networking FAQ?

 

[-(Xyphox)-]

Maybe put it in the Networking FAQ?

Good Point

 

[-(Xyphox)-]

good story like this needs a bumb

 

[CompuDrew]

That was good. Thanks for sharing!

 

[-(Xyphox)-]

That was good. Thanks for sharing!

no problem

 

[-(Xyphox)-]

see main, 2nd story added

 

[-(Xyphox)-]

Enjoy!

 

[AMD[H]unter]

That one is great too!

 

[Stellar]

http://grcsucks.com/

 

[brachy33]

So as someone new to network security and plain 'ol secure coding, do I take GRC with a grain of salt or is it useful in learning network security? If so, what's with this:

http://grcsucks.com/

???

 

[Stellar]

So as someone new to network security and plain 'ol secure coding, do I take GRC with a grain of salt or is it useful in learning network security? If so, what's with this:

???

Generally you should tke everything with a grain of salt. Not all of what Gibson writes is bunk, but much of it happens to be.

Do your reading.

 

[NemesisBLK]

So as someone new to network security and plain 'ol secure coding, do I take GRC with a grain of salt or is it useful in learning network security? If so, what's with this:

???

From the Wikipedia (yeah it's cliche, but it is a good alternate source to grcsucks in this case) article on Steve Gibson:

Criticism

Gibson is not without critics and has generated controversy because of his strong stance on security issues and relatively high profile. He is a contentious figure even among his fellow InfoWorld columnists [2]. A website named GRCsucks.com was regularly maintained between 2001 and 2004.

Notable examples of controversial claims Gibson has made:

Wrote an original IP protocol [3], when in fact it turned out his solution was very similar to SYN cookies.

Stated that raw sockets in Windows XP could be the "enabling factor for the creation of a series of 'Ultimate Weapons' against which the fundamentally trusting architecture of the global Internet currently has no effective defense" [4]. Fyodor, the author of Nmap, argued that disabling raw sockets would solve nothing. Microsoft removed them in its Service Pack 2 update after the Blaster worm exploited it.

Suggested that the Windows Metafile vulnerability was intentionally engineered into Windows by Microsoft [5]. Gibson also sugested in episode 22 of his Security Now podcast that Microsoft's reason for patching the vulnerability may have been due to an "industrious hacker" who found out about it and had been using it for financial gain [6].

It's up to you to decide. Like the above poster said, "Do your reading", and I'll add "read from a variety of sources also.

 

[Malk-a-mite]

A lot of the issues surrounding Gibson stem from the fact that at times he markets himself as something he's not. A security expert. He is very smart and a great marketer, but sometimes it seems as if he starts to believe his own hype.

The nano-packets scanner is a nice example of that one.

 

[DragonNOA1]

wowza, thanks

 

[brachy33]

Generally you should tke everything with a grain of salt. Not all of what Gibson writes is bunk, but much of it happens to be.
Do your reading.

Roger that. TY