Re: [MV] Urgent: Anyone accessing the internet! (HOAX)!

Just fishin' from my (gamma_goat@plazma.net)
Thu, 12 Nov 1998 18:03:36 -0800

At 08:08 PM 11/12/98 -0500, you wrote:
>>the threat of this kind of attack is, at this stage, pretty much nil. in
>>part because you still have to mess with an attachment menu / filemenu, and
>>I have yet to see anyone actually infect a machine with it.. there's a big
>>difference between crash a machine and format a harddrive..
>
>
>You don't have to mess with the menu. If written correctly, why would it
>crash? As long as I know what processor you are running (And I'll guess by
>saying it is a Intel processor and be correct 90% of the time.), getting it
>to execute anything would be easy by inserting the correct 80X86 assembly
>instructions. Very trivial to perform using basic hacker buffer overflow
>techniques. (There are a plethora of generic routines to exploit buffer
>overflows for a variety of processors. Once I know the buffer size of the
>mail file attachment field, I just need to "plug and play" these generic
>routines in the location following the location that creates the overflow.
>It is a very common exploit these days to go after buffer overflows.)
>You're only hope would be if your ISP is prescanning the header for
>non-printable ASCII characters (if you are foolish enough to think this is
>in the realm of black helicopters).

well, I am the isp, and I am auto trashing anything
with non printable charachters in the headers :)

and I always see the black helicopters... doesn't everyone? :)

I was under the impression (being on the bugtraq list myself) that this
problem wasn't anywhere near as serious as the claim.. of course, i could
be wrong.

>While "WIN A HOLIDAY" is a hoax, the techniques they describe a very real.
>Sorry to ramble off topic. I just hated to see Mike get plastered for
>something that IS a real problem.

I wasn't plastering him.. normally i reply with a billion copies and see if
they figure it out :)
-dd

\\\\\//
\\|// _\\|//_ | | _\\|//_ \\|//
(@ @) (' 0-0 ') (.) (.) (' @-@ ') (o-o)
+-=oOOo-(_)-oOOo=oo0-(_)-0oo=oOO==(_)==OOo=oo0-(_)-0oo=oOOo-(_)-oOOo=-+
Plazma Networking Services / Level Seven inc.
Connecting the World....
http://www.plazma.net http://www.L7.net http://www.L7.org
Olympia's "one stop" InterNetworking Provider 1 (360) 357 - 7315
+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
/"\
\ /
X ASCII Ribbon campaign against HTML E-Mail
/ \

===
To unsubscribe from the mil-veh mailing list, send the single word
UNSUBSCRIBE in the body of a message to <mil-veh-request@skylee.com>.