Wednesday, August 28, 2013

Orlly?

Look, I know that you call yourself a "penetration tester" and a "white hat hacker", but I've been doing this longer than you have. Trying to convince me that your newly discovered denial of service attack is a "high risk" vulnerability is not convincing. You can't get anyone's data and you can't pen someone's boxen with your uber 'sploit.

Sorry, not impressed. It's the Internet: there's nothing but DoS out there.

Your CVSS scores are boring, and it's entirely clear that you have no idea how arbitrary that "metrics based" scoring system actually is.

And your Mom dresses you funny. Get offa my lawn, kid.

This ends today's security rant.


- Posted using BlogPress from my iPhone

4 comments:

  1. There has to be a story behind this.

    ReplyDelete
  2. 27,000 students back on campus with computers and cell phones. That's a self-inflicted D.O.S. for everyone, usually about lunchtime.

    The network perks up as the afternoon wears on and students and staff leave campus.

    ReplyDelete
  3. lee, it's been a long few weeks, and it was one too many too-smart-by-half youngster today.

    ASM826, I'm sure that the Cisco sales rep can help you with more bandwidth ... ;-)

    Of course, that's a Denial Of Service on the IT budget.

    ReplyDelete
  4. ...and your gun sucks, and you're holding it wrong
    Rich in NC

    ReplyDelete

Remember your manners when you post. Anonymous comments are not allowed because of the plague of spam comments.