From: http://www.viruslist.com/en/weblog
Thoughts?
No such thing as spyware
Eugene March 03, 2005 | 22:21 MSK
The rising number of cyber-criminals creating more and more different
malicious
Anyone know of any free tools to analyze what changes have been made
to a Windows 2000/XP registry?
Thanks,
...D
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
On Thu, 3 Mar 2005 16:14:03 -, Cassidy Macfarlane
[EMAIL PROTECTED] wrote:
You can, of course, use regmon (sysinternals.com) to monitor the
registry 'live' while changes are being made, however it sounds like you
want a product that would analyse the reg, then re-analyse after
On Fri, 25 Feb 2005 20:17:44 + GMT, Jason Coombs [EMAIL PROTECTED] wrote:
Regarding PivX Solutions,
Anyone who has any information about PivX Solutions, please contact me as
soon as possible.
Don't you work for PivX? What information could you be looking for?
...D
Can the URL displayed on a mouseover in IE, be spoofed?
Thank you,
...D
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
On Tue, 8 Feb 2005 17:51:16 +0100 (CET), Feher Tamas
[EMAIL PROTECTED] wrote:
http://news.zdnet.com/2100-1009_22-5567529.html
GeCad RAV, GIANT and now Sybari Antivirus. Microsoft
swallows smaller anti-malware firms one by one. When the
last one is gone, MS will probably eat the larger ones,
On Fri, 14 Jan 2005 18:14:32 -0600, Ron [EMAIL PROTECTED] wrote:
I just tried to do a google search, and the connection timed out.
Coincidentally, I had to dial back into the Internet. After dialing
back in, I figured I'd alert everybody that Google might be down!
I just tried to do a google
On Tue, 11 Jan 2005 15:13:45 -, Mike Diack [EMAIL PROTECTED] wrote:
Where are they?
They are probably patching their patch release system. :)
Expect them in a couple of hours. Patience grasshopper, patience...
...D
___
Full-Disclosure - We
On Mon, 10 Jan 2005 14:08:11 -0500, Darren Bounds
[EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Multi-vendor AV gateway image inspection bypass vulnerability
January 10, 2005
A vulnerability has been discovered which allows a remote attacker to
bypass anti-virus
There is a security update, I just noticed it.
x-tad-smaller Security Update 2004-12-02 delivers a number of security enhancements and is recommended for all Macintosh users. This update includes the following components:
Apache
AppKit
HIToolbox
Kerberos
Postfix
PSNormalizer
Safari
Lycos' anti-spammer DoS screensaver download website may have been defaced:
http://www.f-secure.com/weblog/
What a defacing week so far...
...D
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
On Tue, 30 Nov 2004 13:39:02 -0500, Crehan, Joe (EM, ITS, Contractor)
[EMAIL PROTECTED] wrote:
Gentleman,
I have been having all kinds of quirky network problems at one of my
facilities. I always used SnifferPro to identify top talkers and babbling
machines.
Now that I work for
On Tue, 30 Nov 2004 13:08:12 -0700, Ben Nelson [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Take a look at:
http://www.insecure.org/tools.html
[...]
Note: The FBI is monitoring HTTP logs from insecure.org.
On Mon, 29 Nov 2004 14:58:25 +0200, Rossen Naydenov
[EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi guys,
I just noticed the banner on www.sco.com
If you don't saw it( because it is removed) this is what they say:
We own all your code
pay us all your money
On Tue, 23 Nov 2004 20:21:45 +0100, nicolas vigier
[EMAIL PROTECTED] wrote:
Are you really serious ? Is it a joke ?
Dude, I am seriously a naive idiot who just wanted to rant about the
people that abuse IRC. Hopefully this was just a momentary brain fart,
otherwise I might be in trouble, eh?
On Fri, 19 Nov 2004 17:10:13 -0500, Tim
[EMAIL PROTECTED] wrote:
My mistake; I was referring to the discussion, collaboration, and
creation, not the spread.
You mentioned DDoS attacks below. I don't believe that use is a form of
discussion, collaboration, or creation.
Some say we
On Fri, 19 Nov 2004 14:39:13 -0600, Bowes, Ronald (EST)
[EMAIL PROTECTED] wrote:
How does it infect somebody if it's using a .txt file?
They (peoples uneducated in Windows file extenstions) think it's a txt file.
...D
___
Full-Disclosure - We believe
On Fri, 19 Nov 2004 22:48:46 +, Andrew Smith [EMAIL PROTECTED] wrote:
Well, fellow F-D'ers, thanks to the vast array of intelligence and
experience found on this list, my rant about abolishing IRC has been
proven to be far from a solution.
I..can't tell if it's sarcasm or not, damn
On Fri, 19 Nov 2004 13:54:30 -0500, bkfsec [EMAIL PROTECTED] wrote:
Danny wrote:
Well, it sure does help the anti-virus (anti-malware) and security
consulting business, but besides that... is it not safe to say that:
1) A hell of a lot of viruses/worms/trojans use IRC to wreck further
On Fri, 19 Nov 2004 14:47:31 -0500, Keith Pachulski [EMAIL PROTECTED] wrote:
how bout because it is entertaining and it is an easy way to communicate with
a large group of ppl at once
So that trumps it's infestion of illegal activites?
...D
___
On Fri, 19 Nov 2004 14:55:12 -0500, Keith Pachulski [EMAIL PROTECTED] wrote:
been on yahoo lately? or AOL channels or hell how bout gnutella?
Do they organize zombies, foster the creation of backdoors, round up
DoS attacks?
Sure, getting rid of the big piracy rings would be nice, but I am
Well, it sure does help the anti-virus (anti-malware) and security
consulting business, but besides that... is it not safe to say that:
1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc?
2) A considerable amount of script kiddies originate and grow through IRC?
3) A wee
On Fri, 19 Nov 2004 11:22:31 -0500, KF_lists [EMAIL PROTECTED] wrote:
can you define medium sized epidemic?
Any new features / functionality?
Not too much, except for the fact that it also arrives with the
following attachment extenstions: .doc, .txt, and .word
Which are not typically blocked
On Fri, 19 Nov 2004 12:17:09 -0800, Mister Coffee
[EMAIL PROTECTED] wrote:
Danny wrote:
Well, it sure does help the anti-virus (anti-malware) and security
consulting business, but besides that... is it not safe to say that:
1) A hell of a lot of viruses/worms/trojans use IRC to wreck
Well, fellow F-D'ers, thanks to the vast array of intelligence and
experience found on this list, my rant about abolishing IRC has been
proven to be far from a solution.
Maybe I will throw my suggestion in as Feature Request for Internet2. :D
...D
___
On Fri, 19 Nov 2004 14:47:36 -0600, Bowes, Ronald (EST)
[EMAIL PROTECTED] wrote:
How exactly do you propose to accomplish this? IRC is an open protocol and
there are many open clients and open servers which can run on any port, and
run encrypted with SSL.
So do you intend to scan every
On Fri, 19 Nov 2004 15:54:54 -0500, Tim
[EMAIL PROTECTED] wrote:
1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc?
Isn't email the primary spreading mechanism of viruses?
My mistake; I was referring to the discussion, collaboration, and
creation, not the spread.
On Wed, 17 Nov 2004 04:23:52 -0600, Curt Purdy [EMAIL PROTECTED] wrote:
Danny wrote:
The Secret Service, or any other government enforcement agency would
not condone, promote, or participate in website defacement
activities.
I know some of you have little faith in these agencies
On Tue, 16 Nov 2004 09:07:56 -0600, Todd Towles
[EMAIL PROTECTED] wrote:
Darwin and BSD...Darwin is the open source kernel that OS X uses...=)
What does this have to do with IE and Firefox, again?
...D
___
Full-Disclosure - We believe in it.
Charter:
On Tue, 16 Nov 2004 10:33:26 -0600, Todd Towles
[EMAIL PROTECTED] wrote:
It doesn'tI was responding to another off-topic message. But they
again, how many messages on FD same on topic for more than 10 messages.
=)
Fair enough
Who do you think posted the original IE is just as safe as
On Tue, 16 Nov 2004 16:58:46 +, n3td3v [EMAIL PROTECTED] wrote:
The site which was hosting services, like bombs, fake ID and other
terrorist stuff is now showing a defacement or replacement page
showing words from the intelligence services.
http://www.shadowcrew.com
Is this fake or
On Thu, 11 Nov 2004 20:27:52 -0500, Scott Leff [EMAIL PROTECTED] wrote:
On Thu, 11 Nov 2004 19:18:55 -0500, Danny [EMAIL PROTECTED] wrote:
Yes, IE security needs work. Yes, Firefox is a great web browser.
However, if Firefox or any other browser had the same market share as
IE, would
On Fri, 12 Nov 2004 01:50:45 -0500, David B Harris
[EMAIL PROTECTED] wrote:
On Thu, 11 Nov 2004 19:18:55 -0500
Danny [EMAIL PROTECTED] wrote:
Yes, IE security needs work. Yes, Firefox is a great web browser.
However, if Firefox or any other browser had the same market share as
IE, would
On Thu, 11 Nov 2004 21:22:26 -0600, Frank Knobbe [EMAIL PROTECTED] wrote:
On Thu, 2004-11-11 at 18:18, Danny wrote:
However, if Firefox or any other browser had the same market share as
IE, would it really be that much more secure?
Wrong question.
It's part of the equation. May
On Fri, 12 Nov 2004 22:15:31 +0100, nicolas vigier
[EMAIL PROTECTED] wrote:
On Thu, 11 Nov 2004, Danny wrote:
Yes, IE security needs work. Yes, Firefox is a great web browser.
However, if Firefox or any other browser had the same market share as
IE, would it really be that much more
On Thu, 11 Nov 2004 15:59:20 -0600, Todd Towles
[EMAIL PROTECTED] wrote:
Microsoft's security and mangement product manager (Ben English) says...
At a security roundtable discussion in Sydney on Thursday, Ben English,
Microsoft's security and management product manager, told attendees that
On Wed, 10 Nov 2004 00:45:12 +1300, Nick FitzGerald
[EMAIL PROTECTED] wrote:
Berend-Jan Wever wrote:
There's a new MyDoom variant exploiting the IFRAME issue ...
In fact, it seems there's a reasonable chance many (most?) AV vendors
will actually (re-)name this Bofra as it is sufficiently
On Wed, 3 Nov 2004 11:32:40 +0300, 3APA3A [EMAIL PROTECTED] wrote:
Dear Danny,
You can use Cain Abel (http://www.oxid.it).
Hi 3APA3A,
Thank you for the tip. For this particular job, it does not display
all of the entries listed from pstoreview.exe, specifically the
INETCOMM Server passwords
On Wed, 3 Nov 2004 09:56:31 -0500, Danny [EMAIL PROTECTED] wrote:
On Wed, 3 Nov 2004 11:32:40 +0300, 3APA3A [EMAIL PROTECTED] wrote:
Dear Danny,
You can use Cain Abel (http://www.oxid.it).
Hi 3APA3A,
Thank you for the tip. For this particular job, it does not display
all
After running: http://ntsecurity.nu/toolbox/pstoreview/
...there are a bunch of INETCOMM Server passwords I want to clear out.
Any idea on how to complete this?
Thank you,
...D
___
Full-Disclosure - We believe in it.
Charter:
On Fri, 22 Oct 2004 13:20:36 -0500, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Posted here:
http://dfind.kd-team.com/36/55/op.php
Stack based overflow, bug discovered by Luigi Auriemma
aluigi.altervista.org
Tested working on Win2K, This public version crash on any WinXP, read
the code
On Fri Oct 22 22:28:50 2004, Farrukh Hussain [EMAIL PROTECTED] wrote:
Hi,
Today I got e-mail from 69.197.83.68 CANADA ISP
You mean a Canadian ISP?
which has undetectable virus.
By all anti-virus vendors?
Well I downloaded this file but I didn't run it because I know it is virus.
If
On Thu, 21 Oct 2004 23:52:18 +0300, Georgi Guninski
[EMAIL PROTECTED] wrote:
due to Tiny-delicate windows implementation, current windows passwords don't
seem long enough (a m$ guy confirmed it).
i recommend windows passwords to be enlarged by 3 to 5 inches.
100% guaranteed! (if permitted by
On Wed, 20 Oct 2004 17:01:56 +0300, Georgi Guninski
[EMAIL PROTECTED] wrote:
the poor m$ guy updated his blog.
looks like he uses Excel(tm) for solving crypto problems.
[...]
Georgi, passwords vs. passphrases, which do you recommend?
...D
___
On Wed, 20 Oct 2004 17:51:26 +0100, Richard Stevens
[EMAIL PROTECTED] wrote:
b: anyone know a free boot disk that both reads writes to NTFS, so I can delete it!
If you have a CD-ROM, http://www.nu2.nu/pebuilder/.
...D
___
Full-Disclosure - We
On Tue, 12 Oct 2004 14:43:44 -0400, d31337 [EMAIL PROTECTED] wrote:
Interesting that XP SP2 doesn't seem to be impacted by any of these
vulnerabilities. Kinda gives you the impression MS knew about these
for some time...
http://www.microsoft.com/technet/security/bulletin/ms04-oct.mspx
Not
On Tue, 12 Oct 2004 19:27:42 -0400, d31337 [EMAIL PROTECTED] wrote:
I should have been more specific to eliminate confusion for those who
consider IE part of the OS.
Revised comment:
Interesting that XP SP2 doesn't seem to be impacted by any of the
*Windows* (not IE) vulnerabilities...
I
layman
Sophos says:
(sync-1.01; andy; I'm just doing my job, nothing personal, sorry)
OK, this can readily be deducted somewhat from the mydoom.exe but not
entirely. Ironically aladdin systems can find itself back in the worm's
'strings' output... a part of it is compressed with stuffit.
On Wednesday 01 October 2003 21:19, Hansen, Kevin wrote:
We have seen multiple instances where DHCP enabled workstations have
had their DNS reconfigured to point to two of the three addresses
listed below. Can anyone else confirm this? Incidents.org is
reporting an increase in port 53 traffic
2000 and XP boxes lose TCP/IP communication and, after a reboot, they
work again.
Win XP tries to push itself as being the authoritative server of its own
host name by attempting to transfer its zone to the (local) dns server,
doesn't it? Erratic behaviour is always a good way to break the
On Saturday 27 September 2003 00:26, David Hane wrote:
I already run my own database of MD5 checksums on all system files.
That's how I know what files were effected. What I would like is
maybe a listing of the files installed and what directories they went
into for the various rootkits.
Are there list mods here?
I'm almost scared to ask based on what i've been reading here lately.
On Friday, July 18, 2003, at 06:15 PM, Anthony Aykut wrote:
How come this list filters/stops/bans profanity, but fails to squeeze
out puss like you?? Just goes to show what a fucking joke this list
/1854215
Danny
-Original Message-
From: northern snowfall [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 16, 2003 3:50 PM
To: Brad Bemis
Cc: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] Microsoft wins Homeland Security Bid (
Reuters)
You are absolutely right! I will not argue
53 matches
Mail list logo