Message
From: Valdis.Kletnieks (AT) vt (DOT) edu [mailto:Valdis.Kletnieks (AT) vt (DOT) edu]
Sent: Friday, April 29, 2005 9:18 PM
To: Schmehl, Paul L
Cc: full-disclosure (AT) lists (DOT) grok.org.uk
Subject: Re: [Full-disclosure] The best hacker ever !
Fri, 29 Apr 2005 16:34:42 CDT, Paul Schmehl said:
Friday, April 29, 2005 03:11:16 PM -0400
Valdis.Kletnieks (AT) vt (DOT) edu wrote:
security reference: All too soon, we'll have to be
securing our systems against this guy's kids
yyyyeaaahhhhhlike that'll be a chore
Just remember Paul - his kids might apply to UT Dallas and
get accepted. I never
*said* his kids would be the attackers, did I? :)
I think some of his relatives already have. :-)
Paul Schmehl (pauls (AT) utdallas (DOT) edu)
Adjunct Information Security
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/
Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

In some senses it seems like it may be worthy of a Darwin award.

5/2/05, Schmehl, Paul L <pauls (AT) utdallas (DOT) eduwrote:
Message
From: Valdis.Kletnieks (AT) vt (DOT) edu [mailto:Valdis.Kletnieks (AT) vt (DOT) edu]
Sent: Friday, April 29, 2005 9:18 PM
To: Schmehl, Paul L
Cc: full-disclosure (AT) lists (DOT) grok.org.uk
Subject: Re: [Full-disclosure] The best hacker ever !

Fri, 29 Apr 2005 16:34:42 CDT, Paul Schmehl said:
Friday, April 29, 2005 03:11:16 PM -0400
Valdis.Kletnieks (AT) vt (DOT) edu wrote:

security reference: All too soon, we'll have to be
securing our systems against this guy's kids

yyyyeaaahhhhhlike that'll be a chore

Just remember Paul - his kids might apply to UT Dallas and
get accepted. I never
*said* his kids would be the attackers, did I? :)

I think some of his relatives already have. :-)

Paul Schmehl (pauls (AT) utdallas (DOT) edu)
Adjunct Information Security
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

While most people know better than attacking 127.0.0.1, it's important
to note that in some operating systems (Windows, and a few others, but
normally not *nix), anything in 127.* is loopback.

Its a lot easier to trick someone into attacking, say, 127.36.120.67,
than 127.0.0.1.

Just a thought.

5/2/05, vulcanius <vulcanius (AT) gmail (DOT) comwrote:
In some senses it seems like it may be worthy of a Darwin award.

5/2/05, Schmehl, Paul L <pauls (AT) utdallas (DOT) eduwrote:
Message
From: Valdis.Kletnieks (AT) vt (DOT) edu [mailto:Valdis.Kletnieks (AT) vt (DOT) edu]
Sent: Friday, April 29, 2005 9:18 PM
To: Schmehl, Paul L
Cc: full-disclosure (AT) lists (DOT) grok.org.uk
Subject: Re: [Full-disclosure] The best hacker ever !

Fri, 29 Apr 2005 16:34:42 CDT, Paul Schmehl said:
Friday, April 29, 2005 03:11:16 PM -0400
Valdis.Kletnieks (AT) vt (DOT) edu wrote:

security reference: All too soon, we'll have to be
securing our systems against this guy's kids

yyyyeaaahhhhhlike that'll be a chore

Just remember Paul - his kids might apply to UT Dallas and
get accepted. I never
*said* his kids would be the attackers, did I? :)

I think some of his relatives already have. :-)

Paul Schmehl (pauls (AT) utdallas (DOT) edu)
Adjunct Information Security
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

Mon, 2 May 2005, Zuxy Haiduc wrote:

While most people know better than attacking 127.0.0.1, it's important
to note that in some operating systems (Windows, and a few others, but
normally not *nix), anything in 127.* is loopback.

Its a lot easier to trick someone into attacking, say, 127.36.120.67,
than 127.0.0.1.

Just a thought.

127.36.120.67 works under Linux as well (tested on Ubuntu, Debian, Redhat
and Gentoo with 2.2-2.6 kernels).

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

I thought that was your IP so I used the same program he had and just
killed my box! Whoops!
;)

PS - Works in M$

Gregory Boyce wrote:

Mon, 2 May 2005, Zuxy Haiduc wrote:
>
>While most people know better than attacking 127.0.0.1, it's important
>to note that in some operating systems (Windows, and a few others, but
>normally not *nix), anything in 127.* is loopback.
>>
>Its a lot easier to trick someone into attacking, say, 127.36.120.67,
>than 127.0.0.1.
>>
>Just a thought.
>
>
127.36.120.67 works under Linux as well (tested on Ubuntu, Debian,
Redhat and Gentoo with 2.2-2.6 kernels).

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/

Tue, 03 May 2005 08:52:40 +0200, Volker Tanger said:

TH I have seen machines (process/machine crontrol systems) that were
hardwired to 127.0.0.*/24 as ethernet addresses (eth0, not loopback)

And now for some *real* crack-pipe networking:

Early releases of IBM's TCP/IP product for the VM operating system (5798-FAL
was the program number) used 14.0.0.1/8 as the loopback address. This was
in the '89-'92 timeframe, when everybody else had been using 127/8 for at
least 5 years

Full-Disclosure - We believe in it.
Charter:
Hosted and sponsored by Secunia - http://secunia.com/
PGP SIGNATURE
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001

ZBL8Y6XfTTLYlfW9RDpI=
=ahlD
PGP SIGNATURE