Quote:
Originally Posted by Ignitionnet
Well here's how to do a vulnerable server via XSS. *Sigh*
|
Lol!
---------- Post added at 14:36 ---------- Previous post was at 14:33 ----------
Quote:
Originally Posted by Qtx
Some fun to be had with API's too. Such a broad spectrum of goodies that will keep giving Some nice scripts out that will exploit this over ssl to avoid network filtering rules.
|
Yeah, I know a few organizations that have deployed signatures on their border firewalls to block these HTTP requests but that doesn't help against SSL or FTP(S). I hope they're not relying solely on their firewalls...
[quote]Give it another week or so and we will start to see some huge DDoS
tests taking place.[/QUOTE
IMO webservers aren't as good a source for (D)DoS attacks these days thanks to a lot of provider companies doing outbound filtering and DDoS protection, i.e. detecting if a machine is being used for an attack and blocking it automatically. Course, not all providers do this and the ones that don't are still bandwidth-rich havens.