Someday (not soon!) I’ll likely satisfy a curious project of mine: making a more aggressively defensive network. Vulnerabilities like the recently posted Wireshark MMS DoS are a perfect example of what makes a network slightly more dangerous to interlopers. Put up an outdated Wireshark sniffer while I randomly send out these packets and you won’t get too much. That goes especially for anyone who uses live CDs with outdated software. In this case, it is not necessarily about protecting devices and data, but about actively knocking off rogue intruders.

  1. Yes, network IDS/IPS suffer from the inability to keep their sensors up and running should an adversary become aware of their existence.
    It’s similar to shooting out the lights or the cameras when breaking into a building.

