On Sun, 27 Jul 2008 09:05:35 +1000, Paul Szabo said: > >> But realizing that going from 11 seconds to (11 * 64512 =3D) 8.21 days > >> is not a significant jump ... > > We had a browser pointed to an "evil page" making image requests for > aaa.victim.com, aab.victim.com etc, for a few seconds. You cannot expect > the browser to stay alive for days. How does this change if the attacker has one or more machines already botted on the ISP's network, and wants to poison the cache to attract more traffic so they can infect more machines?
Attachment:
pgprAtNhI1Uy2.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/