RE: possible AIM dos?

From: leon (leonat_private)
Date: Thu Oct 11 2001 - 10:01:58 PDT

Next message: Franklin DeMatto: "searching through the address space of a process"

Previous message: leon: ""cheesy" aim dos"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

No it does not work like that because not every single time will the
auto response respond.  However it will respond like once every 10
minutes or so so indeed this is possible if you don't mind spending the
time.  Additionally you could just do that from several screen names and
it might be effective.  HOWEVER AIM can be programmed not to respond
with the away message to people on your list.

That kind of throws a kink in the whole thing right there.

I cc'ed the list because I think this is important point; you can
configure aim (for windows not sure about other platforms) to NOT
respond with an auto response if the person is not on your list.

HTH

Leon

-----Original Message-----
From: John Allen Scimone [mailto:jscimoneat_private] 
Sent: Thursday, October 11, 2001 12:58 PM
To: leon
Subject: RE: possible AIM dos?

so if someone is away with an auto reply. you can message them, receive
their awway message, warn 35%, restart and repeat 2 times to get them up
to 100% that easyt?

			-John Allen Scimone (jscimoneat_private)

On Thu, 11 Oct 2001, leon wrote:

> You are only allowed to warn someone 35 percent in one "session".
Then
> if you restart (aim) you can warn them another 35 percent however they
> have to respond to your messages for this to effective.
> 
> HTH
> 
> Leon
> 
> -----Original Message-----
> From: John Scimone [mailto:jscimoneat_private] 
> Sent: Tuesday, October 09, 2001 7:15 PM
> To: vuln-devat_private
> Subject: possible AIM dos?
> 
> After reading this outdated article regarding AOL Instant Messenger's
> "warn" 
> feature:
> 
> http://www.attrition.org/security/denial/w/aim-warn.dos.html
> 
> I began to wonder what type of restrictions were put on it.  Does
anyone
> know 
> what is stopping someone from registering multiple screen names, then
> sending 
> warnings from each of those names, all targeted at the same user thus
> keeping 
> that user at a 100% warning level denying them the instant messenger
> service 
> for the most part? 
> any thoughts are appreciated.
> thanks.
> 
> John Scimone
> 
>

Next message: Franklin DeMatto: "searching through the address space of a process"
Previous message: leon: ""cheesy" aim dos"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Oct 11 2001 - 10:23:19 PDT