Is there an HTTP protocol guru out there? In the name of Development, I have been playing with the HTTP TRACE command. If I understand the RFC correctly (which I may not). TRACE sets up a loopback of sorts for testing. Would it be possible to do something along the following lines: Send a TRACE directive to a webserver via a spoofed network broadcast address? To illicit a DOS of sorts (similar to smurf,fraggle)? or is there some mechanism preventing this? As the packets would be on 80 they would have some mobility though firewalls etc. What do you think? Kind Regards, Clinton Smith
This archive was generated by hypermail 2b30 : Thu Feb 07 2002 - 19:40:48 PST