Forwarded From: Cancer Omega <comega@sekurity.org>
Site: RSI Denial-of-Service Database
Type: Security Advisory Library and Related Databases
URL : http://www.repsec.com/denial.html
Who : Repent Security, Inc.
Date: 04/30/98
Searchable by: Database delineated by focus of DoS attack, whether by
application, machine, protocol or operating system.
Areas covered include: Routers, Web Browsers, Windows
(client and server), Netware, MacOS (client and server),
AIX, BSD, HP-UX, IRIX, Linux, Sun/Solaris, OSF/DGUX,
TCP/IP, SMTP, IRC, DNS, non-OS-specific UNIX, X-Windows,
Apache, Quake, and others.
Sort by: Date Reported, Platform/Application/Protocol
- From the page:
"At no time will RSI provide exploit code nor DoS scripts for these types
of attacks - so don't ask. If you are an NT administrator, we highly
recommend that you bookmark this page. We also urge you to subscribe to
the RSI-DoS Discussion mailing list as NT networks seem to be more
succeptible to this type of attack than others.
"RSI operates one of the most extensive and comprehensive databases of
bugs, exploits, and vulnerabiliites (BEV) - anywhere. Due to its level of
content, we have restricted access to the BEV database to those companies
or individuals who have a specific need to access something of this
nature."
Reviewer's Comments:
RSI lives up to the claim of having a very comprehensive database. On
review of the collection of DoS attacks, this reviewer utilized his
browser "Find" to scan for every type of DoS method he knew and
consistently came up with a match of what he expected to find. Listings
are short on exploit code, but long on practical portions which
demonstrate the heart of an attack as well as patch, fix and upgrade
information. This should suit many security-conscious admins quite well.
In addition to the database, the site offers subscription to their own DoS
alert mailing list. A definite plus if their advisories prove as timely
as their database is comprehensive.
The site appears to be under construction in several areas, but also seems
to be getting populated on a daily basis. This reviewer's opinion is that
the site is a diamond in the rough. Future additions, perhaps the
addition of a search engine, could vastly improve data accessibility and
ease-of-use. But these issues are a matter of aesthetics and should not
dissuade those interested in preventing DoS attacks.
Cancer Omega
<comega@sekurity.org>
- -<} Cancer Omega * "The Worst of Both Worlds" * comega@sekurity.org {>- -
'<}~-~-~-~-~-~-<} http://www.sekurity.org/~comega {>-~-~-~-~-~-~{>'
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv
iQCVAwUBNUgiaIiWA+pZ3wyjAQG1LAP/S6OUgwA2rL4OMDMNLqjY11zZWq9R0Tpa
9Mhmq6nmHOwmvsZ5o0ezn4ufMH1pO49OoHziJYCTsHrMd+dKucenYWA/m5QTtji1
hIcjVs+ZXzWaC49vNjK7/DMHtsgVclsZYZnycpp7fDn040JZFrXaCAKX6BtEcCIk
scYdQsLTbgA=
=PHKa
-----END PGP SIGNATURE-----
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Repend Security Incorporated [www.repsec.com]
Received on Fri May 1 09:04:58 1998