From soth@soth.users.mindspring.com Sat Sep 14 10:53:40 1996 Received: from dargaard.dkss.com (user-168-121-147-123.dialup.mindspring.com [168.121.147.123]) by suburbia.net (8.7.4/Proff-950810) with SMTP id KAA17554 for ; Sat, 14 Sep 1996 10:53:02 +1000 Received: (from soth@localhost) by dargaard.dkss.com (8.6.12/8.6.9) id TAA20450; Fri, 13 Sep 1996 19:46:11 -0400 From: Lord Soth Message-Id: <199609132346.TAA20450@dargaard.dkss.com> Subject: Re: RealSecure To: ssi@UPT.ORG (SSI) Date: Fri, 13 Sep 1996 19:46:11 -0400 (EDT) Cc: firewalls@greatcircle.com, best-of-security@suburbia.net Reply-To: soth@mindspring.com In-Reply-To: <199609132102.OAA27569@upt.org> from "SSI" at Sep 13, 96 02:02:57 pm X-Mailer: ELM [version 2.4 PL24 PGP2] Content-Type: text > > Mr. Klaus, > > It's curious that your timing with your release of RealSecure(tm) > is markedly close to the release of Phrack Magazine issue 48 -- the very same > issue which released the tools you are mentioning. However, there is > something you are not mentioning which I think the public should know. I find your accusations very interesting in light of the fact you chose not to identify yourself. I'm not sure your accusations hold much water when you refuse to identify yourself. Might you have a grudge against Mr. Klaus? > > One of the Editors and contributors to Phrack Magazine is also a software > engineer for ISS. In fact David Meltzer (who goes by the handle of ReDragon) > is an active organizer of hacker conventions and social functions. Over here, > in the dim light of the 'underground' it seems very much like you are > facilitating hackers with tools to commit SYN floods and then turning around > selling a product to combat the problem. How slippery is that snake oil > Mr. Klaus. That is nice, however the SYN flood script appeared in 2600 Magazine, before It appeared in Phrack 48. And ReDragon has no relationship with 2600. Also the "Neptune project" (in which the code is published) was written by Deamon9, another Phrack Editor, not ReDragon. Also I suspect that those "hackers" are facilitating ISS with tools to protect against it. Security products tend to be one step behind the hackers. > > Perhaps I am not driving this point home succinctly enough. If > so, let me lay this out in a very clear format for public consumption: > > I feel it is highly suspicious that you should release tool for RST'ing SYN > flooding attacks, at roughly the same time a hacker magazine (which one of > your employees edits) releases code for the above mentioned attacks. Have you considered that maybe the bumped up the production schedule to get something out to protect against it. Also note the evaluation is FREE!!!!! (although I expect they will over charge for it like their other products). > > > >RealSecure (tm) is a comprehensive attack recognition and real time response > >tool that ISS is alpha testing and will expire in 60 days. Unfortunately for all of us, These children who get their kicks by SYN flooding won't expire in 60 days. And what kinda a product name is RealSecure? ls -- Satan loves me this I know, Because the necronomcron tells me so.... Little Children Taste so good.. Just like Satan Said they would. -anon. God has no place in public schools, like facts have no place in organized religion. - The Simpsons The most obnoxious thing on the Internet _is_ the Kristian Kolition. -LS