Hosting Provided By

Re: Skype Network Remote DoS Exploit

From: Jay <jay.tomas(at)infosecguru.com>
Date: Tue Aug 21 2007 - 15:18:22 EDT

Am I missing something or if it was a concentrated DOS by bots or mischievous cretins, wouldnt we have network evidence like we see in another DOS situations. If the traffic was examined wouldnt we see different findings e.g. malicious calls vs. regular login traffic causing Skype's internal algorithms to choke?

Jay

Original Message ----- From: Roland Dobbins [mailto:rdobbins@cisco.com] To: bugtraq@securityfocus.com Sent: Tue, 21 Aug 2007 10:44:34 -0700 Subject: Re: Skype Network Remote DoS Exploit

On Aug 20, 2007, at 6:52 PM, Valery Marchuk wrote:

> someone made a mistake in the code

I've no insight at all into this issue beyond what's been publicly disseminated, but it's important to note that the Skype folks explicitly stated that there was some sort of flaw in their P2P communications mechanisms which led to the outage, FWIW.

AFAIK, Sype didn't blame Microsoft - they blamed a code flaw on their part and stated that the coincidence of lots of reboots associated with the most recent Microsoft updates exposed the Skype code flaw (again, I've no insight into this matter beyond what Skype have publicly stated).

Roland Dobbins <rdobbins@cisco.com> // 408.527.6376 voice

I don't sound like nobody.

Elvis Presley

Received on Wed Aug 22 16:53:37 2007

This message: [ Message body ]
Next message: imei Addmimistrator: "Olate Download 3.4.2~download.php ~ sql injection"
Previous message: bjohnson(at)bsu.edu: "Re: RE: SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service"
Maybe in reply to: Valery Marchuk: "Skype Network Remote DoS Exploit"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Sun Oct 28 2007 - 06:13:10 EDT

Do you need help?