[ISN] Review: RSI Denial of Service Database

From: mea culpa (jerichoat_private)
Date: Fri May 01 1998 - 02:38:36 PDT

  • Next message: mea culpa: "(no subject)"

    Forwarded From: Cancer Omega <comegaat_private>
    
    
    Site: RSI Denial-of-Service Database
    Type: Security Advisory Library and Related Databases
    URL : http://www.repsec.com/denial.html
    Who : Repent Security, Inc.
    Date: 04/30/98
    
    Searchable by: Database delineated by focus of DoS attack, whether by
            application, machine, protocol or operating system.
            Areas covered include: Routers, Web Browsers, Windows
            (client and server), Netware, MacOS (client and server),
            AIX, BSD, HP-UX, IRIX, Linux, Sun/Solaris, OSF/DGUX,
            TCP/IP, SMTP, IRC, DNS, non-OS-specific UNIX, X-Windows,
            Apache, Quake, and others.
    
    Sort by: Date Reported, Platform/Application/Protocol
    
    - From the page: 
    
    "At no time will RSI provide exploit code nor DoS scripts for these types
    of attacks - so don't ask.  If you are an NT administrator, we highly
    recommend that you bookmark this page. We also urge you to subscribe to
    the RSI-DoS Discussion mailing list as NT networks seem to be more
    succeptible to this type of attack than others. 
    
    "RSI operates one of the most extensive and comprehensive databases of
    bugs, exploits, and vulnerabiliites (BEV) - anywhere.  Due to its level of
    content, we have restricted access to the BEV database to those companies
    or individuals who have a specific need to access something of this
    nature." 
    
    Reviewer's Comments: 
    
    RSI lives up to the claim of having a very comprehensive database.  On
    review of the collection of DoS attacks, this reviewer utilized his
    browser "Find" to scan for every type of DoS method he knew and
    consistently came up with a match of what he expected to find.  Listings
    are short on exploit code, but long on practical portions which
    demonstrate the heart of an attack as well as patch, fix and upgrade
    information.  This should suit many security-conscious admins quite well. 
    
    In addition to the database, the site offers subscription to their own DoS
    alert mailing list.  A definite plus if their advisories prove as timely
    as their database is comprehensive. 
    
    The site appears to be under construction in several areas, but also seems
    to be getting populated on a daily basis.  This reviewer's opinion is that
    the site is a diamond in the rough.  Future additions, perhaps the
    addition of a search engine, could vastly improve data accessibility and
    ease-of-use.  But these issues are a matter of aesthetics and should not
    dissuade those interested in preventing DoS attacks. 
    
    Cancer Omega
    <comegaat_private>
    
    - -<} Cancer Omega * "The Worst of Both Worlds" * comegaat_private {>- -
      '<}~-~-~-~-~-~-<} http://www.sekurity.org/~comega {>-~-~-~-~-~-~{>'
    
    -----BEGIN PGP SIGNATURE-----
    Version: PGPfreeware 5.0i for non-commercial use
    Charset: noconv
    
    iQCVAwUBNUgiaIiWA+pZ3wyjAQG1LAP/S6OUgwA2rL4OMDMNLqjY11zZWq9R0Tpa
    9Mhmq6nmHOwmvsZ5o0ezn4ufMH1pO49OoHziJYCTsHrMd+dKucenYWA/m5QTtji1
    hIcjVs+ZXzWaC49vNjK7/DMHtsgVclsZYZnycpp7fDn040JZFrXaCAKX6BtEcCIk
    scYdQsLTbgA=
    =PHKa
    -----END PGP SIGNATURE-----
    
    -o-
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repend Security Incorporated [www.repsec.com]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:52:19 PDT