verified the contents of the applications on your web servers?
Are your customers safe from attacks?
Are you un-knowing as to the status of your system automations such as
updates and the current state of information flow out of the company?
Whilst it is true from this point that Jason Coombs may
is
presented with variables and circumstances with which to contend, not a policy
playbook to follow.
I agree that it would be nice if we could schedule and plan all of our
emergencies according to policy. :-)
Cheers,
Jason Coombs
[EMAIL PROTECTED
And you missed the part about my resume still indicating 'Director of Forensic
Services' of PivX Solutions, and the other evidence of my affiliation with the
company in the very recent past.
There is something very wrong, and I'm doing the right thing.
Regards,
Jason Coombs
[EMAIL PROTECTED
-imaged.
This makes me go Hmmm...
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: Mark Remington [EMAIL PROTECTED]
Date: Tue, 1 Mar 2005 18:07:04
To:'Jason Coombs' [EMAIL PROTECTED], 'Burke N. Hare' [EMAIL
PROTECTED]
Cc:full-disclosure@lists.netsys.com
Subject: RE
Regarding PivX Solutions:
I would like to make contact with anyone who has been harmed by PivX Solutions.
If you have been harmed by PivX Solutions, please contact me as soon as
possible.
Thanks.
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure
Regarding PivX Solutions:
I would like to make contact with anyone who has been harmed by PivX Solutions.
If you have been harmed by PivX Solutions, please contact me as soon as
possible.
Thanks.
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure
Regarding PivX Solutions,
Anyone who has any information about PivX Solutions, please contact me as soon
as possible.
Thanks.
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure
to abandon a perfectly good key pair in favor of another.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
What we really need is click-through contracts for e-mail messages.
Somebody write an RFC, quick.
-Original Message-
From: Jeremy Bishop [EMAIL PROTECTED]
Date: Fri, 4 Feb 2005 12:25:38
To:full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] some interresting project i just
. America still
welcomes you, but it isn't going to save you from yourself.
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
=SCOX%60
Regards,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Paul,
In the case in point, even with the variables you mention, the entire technical
problem can be reduced to observing how the election officials in various
places have historically constructed ballots and influence just those that can
be influenced in just those states where it will
. Teamed with the fact
that partisan, interested voters are in charge of the process this is very
plausible...
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Anyone know how many cents of MSFT valuation are a direct result of and
attributable to MVPs?
I was lucky... I escaped before anyone threatened to make me into an MVP.
-Original Message-
From: Georgi Guninski [EMAIL PROTECTED]
Date: Sun, 21 Nov 2004 22:01:12
To:Micheal Espinola Jr
University Researchers Challenge Bush Win In Florida
According to researchers at the University of California, Berkeley,
counties with electronic voting machines were significantly more likely
to show increased support for President Bush compared to counties with paper
ballots or optical scan
to be something of a crime against humanity to begin
with. Crimes against computers pose an unusually complicated ethics puzzle, and
at times are clearly beneficial to everyone.
Regards,
Jason Coombs
___
Full-Disclosure - We believe in it.
Charter: http
security as
in any other industry. (Not)
If quality is the true objective, then perhaps we should adopt exceptions to
intellectual property laws to force into the public domain any creative work
that has the capability to impact the security of anything important...
Regards,
Jason Coombs
[EMAIL
Hugo van der Kooij wrote:
I would like to point out a design
flaw in human communication.
What you describe is an implementation bug, not a design flaw.
FD'ers in particular also appear to have a Reply To All defect whereby every thought
that enters one's head while reading FD is compulsively
and the eSlate3000, please
contact me directly.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
0. (The primordial sin) The
vulnerable product is released ...
...
Vendors must work much harder
to avoid releasing ... code ...
Absolutely correct. Vendors who release code are the core problem.
Vendors should not release code, they should release its source.
Where this is not done,
they are causing to people.
... Just another terrible abuse of people's ignorance of complex technical subject
matter like spyware and complex, highly-evolved, often arbitrary, social systems such
as the law.
Sincerely,
Jason Coombs
[EMAIL PROTECTED
of exposure and the Total Risk of Ownership
needlessly.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
,
Jason Coombs
Director of Forensic Services
PivX Solutions, Inc.
[EMAIL PROTECTED]
-Original Message-
From: CHRIS GRABENSTEIN [EMAIL PROTECTED]
Date: Mon, 23 Aug 2004 15:20:39
To:[EMAIL PROTECTED]
Subject: RE: Images being pulled in Outlook 2003 even though don't download pictures
is set
vulnerability in a closed-source
software product. If you're not going to share it with the rest of us,
please consider keeping it to yourself.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full
not long ago. See:
Forensic Data Validation and Integrity Logging
http://www.ddj.com/documents/s=9207/win1069286014914/
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: Paul Schmehl [EMAIL PROTECTED]
Date: Fri, 23 Jul 2004 17:11:10
To:[EMAIL PROTECTED]
Subject: Re: [Full
to their customers without
the global hacking community learning about that disclosure?
Any answer other than No. would prove the respondant is not qualified
to give answers to such questions.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We
.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
testimony is in court, and how little effort is put into clarifying the
reality behind technical issues. When the parties stipulate to things
that are not the truth, or when either side is technically inept, it
causes courts to make errors. Then we end up with bad precedent.
Sincerely,
Jason
that the end result was in fact beneficial to you.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
with a reason to worry that things might
get worse. There's no reason to fear that our work here will be
permanently upstaged by world geopolitical events -- and no reason that
I can see to complain that the list hasn't excited you lately.
Do something exciting. And cheer up.
Sincerely,
Jason
a reasonable
business practice?
We know about hacking before it happens!
Then you are complicit and should be prosecuted.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
Richard Johnson wrote:
If you had been subscribed to our iAlert services, you would have known
about this specific hacker threat
http://www.linuxsecurity.net/articles/network_security_article-5514.html
martin f krafft wrote:
Then again, I would be happy to be proven wrong.
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
of the biggest frauds going in the software
industry. You really don't want to go there. Consider something useful
instead:
(from http://www.windevnet.com)
Antivirus Software Turned Upside Down
by Jason Coombs ([EMAIL PROTECTED])
Antivirus software exists because viral code and malware exist
John Sage wrote:
I would respond, but I'm currently busy being dead.
In case you need inspiration:
The Voluntary Human Extinction Movement
http://www.vhemt.org/
___
Full-Disclosure - We believe in it.
Charter:
Aloha, Jim.
What in particular makes it immediately clear to you why it was never
published? Not publishing the book saves Microsoft from sending out
conflicting messages when they launch new deceptive advertising
campaigns like this one that will assert that Windows poses less of a
security
Aloha, Russ!
Honey attracts ants, and they're much harder to get rid of than are
flies. Ants also set into motion that whole food web thing, bringing in
larger and larger pests over time.
You should allocate a few more CPU cycles to understanding the real
reason that Microsoft has been nice to
Aloha, Mitch.
Your essay on the immorality of releasing exploit code was very well
thought out, and I commend you for it and for standing up for something
that you believe in -- particularly in a venue that is openly hostile to
your viewpoint.
That having been said, your conclusions are
Aloha, Mitch.
Your essay on the immorality of releasing exploit code was very well
thought out, and I commend you for it and for standing up for something
that you believe in -- particularly in a venue that is openly hostile to
your viewpoint.
That having been said, your conclusions are
article. Since you appear to be an ally of
hers, perhaps you'll forward my comments to her personally.
10/1/2003: Jason Coombs says:
Roberta has been so badly compromised by her own bias that she isn't
aware that she completely missed the point of the report. The Microsoft
monopoly is causing
. There was a time in the
past when there was little doubt that we had freedom.
Freedom must be one of the costs of monopoly.
CyberInsecurity: The Cost of Monopoly
How the Dominance of Microsoft's Products Poses a Risk to Security
http://www.ccianet.org/papers/cyberinsecurity.pdf
Sincerely,
Jason Coombs
FYI it's [EMAIL PROTECTED] not [EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Elv1S
Sent: Tuesday, September 16, 2003 9:53 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: [Full-Disclosure] EXPLOIT : RPC DCOM (MS03-039)
RPC DCOM
this potential for financial reward of malware
authors.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, September 11, 2003 12:25 PM
To: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] RE
is their reward but who instead have learned how to
hack the stock market.
All limits imposed on full disclosure of security vulnerability information
serve the personal financial interests of the few at the expense of the many.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From
Does anyone know of a law in any jurisdiction that allows us to lynch
spammers? Maybe a few public executions would solve the problem.
-Original Message-
From: Sammie Dye [mailto:[EMAIL PROTECTED]
Sent: Sunday, September 07, 2003 4:14 PM
To: [EMAIL PROTECTED]
Subject: Tim recommended you
study the history of
spam and put a little effort once in a while into trying to stop it, just to
really understand the most important generic truth about security of any kind
(go ahead and quote me on this):
Quash the threat here and it will pop up over there.
Sincerely,
Jason Coombs
[EMAIL
Consider the following creative interpretation of the spread of SoBig.F --
1. View each e-mail address found by the virus that it used to send forged
e-mail (From:) as a universe of potential re-infection.
2. Consider that some electronic social circles are more or less clueless, and
that
of the MS Blaster.* alarm? Some people do leave the building when
it's on fire, without waiting for an alarm to tell them to do so... A few of
us will even pick up a fire extinguisher and put the small blaze out before it
grows instead of running around spreading fear and panic.
Sincerely,
Jason
of the MS Blaster.* alarm? Some people do leave the building when
it's on fire, without waiting for an alarm to tell them to do so... A few of
us will even pick up a fire extinguisher and put the small blaze out before it
grows instead of running around spreading fear and panic.
Sincerely,
Jason
of the MS Blaster.* alarm? Some people do leave the building when
it's on fire, without waiting for an alarm to tell them to do so... A few of
us will even pick up a fire extinguisher and put the small blaze out before it
grows instead of running around spreading fear and panic.
Sincerely,
Jason
the likelihood that the oblivious real end-user
will be spewing non-spam, non-worm communications and getting themselves
profiled and logged all over the place as the demonstrable temporary owner of
the IP address in question during the time period of interest...
Just think doubleclick.
Sincerely,
Jason
3. Do nothing
If it 'aint broke, don't fix it. My vote is #3.
The first time I heard about BugTraq it wasn't explained to me in terms of
infosec and my reaction was that's the stupidest idea for a mailing list I've
ever heard, a bunch of people whining about software bugs in programs they
don't
in order
to manipulate the market price of certain A/V vendors' stock. You gotta love
the free market...
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Nick
FitzGerald
Sent: Thursday, August 21, 2003 3:45 AM
To: [EMAIL
in order
to manipulate the market price of certain A/V vendors' stock. You gotta love
the free market...
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Nick
FitzGerald
Sent: Thursday, August 21, 2003 3:45 AM
To: [EMAIL
in order
to manipulate the market price of certain A/V vendors' stock. You gotta love
the free market...
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Nick
FitzGerald
Sent: Thursday, August 21, 2003 3:45 AM
To: [EMAIL
attachment --
it's the least he could do after intentionally covering up for these people.
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
to the extent that
anyone else believes in it.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf
Of InfoSec News
Sent: Tuesday, August 19, 2003 2:10 AM
To: [EMAIL PROTECTED]
Subject: [ISN] The sad tale of a security
a six figure boat anchor.
Buy a seven figure yacht.
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
I can't image that anything really important would be
connected to the internet. Then again who knows right.
remember that 'connected to the Internet' means, at a minimum, that the device
communicates at some point in time with another device that had the ability to
communicate with the
people of the
opportunity for self-defense are complicit in acts of crime that exploit those
secrets.
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
It appears that the exploit and bindshell portion of the msblast worm is
vanilla, off-the-shelf oc192-dcom.c
The only novel code is likely the scripted commands sent to the remote shell
via port
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Jordan
Is this what you're seeing?
6 66.859375 BEFC2500 XEROX 00 MSRPC c/o RPC Bind: UUID
01A0---C000-0046 call 0x7F assoc grp 0x0 xmit 0x16D0
recv 0x16D0 67.30.174.214 WIN2KDEV IP
Frame: Base frame properties
Frame: Time of capture = 8/11/2003 9:25:11.405
Hmm.
A lock is a permissive measure, to permit you to more easily enter a room, for
instance, without having to destroy a portion of one of its four walls. The
lock is installed in a door. The door is a vulnerability. The lock attempts to
compensate for the door vulnerability. Without the lock
, but without some automated mechanism to catalog everything that
exists, the cost to build and maintain such things may keep the really
valuable ones closed source indefinitely.
Jason Coombs
[EMAIL PROTECTED]
--
Vendor coalition touts file validation plan as security measure
The goal is to help
I no think Bruce Schneir smart. This error
made by kids. ¿Matt Murphy right?
Bruce Schneier is plagued by the same vulnerability that plagues most of the
industrialized world: employees.
___
Full-Disclosure - We believe in it.
Charter:
overflows to be mounted by a MITM,
right?
And surely you *must* realize that we can spend days making lists of known
threats and *still* fail to identify *all* possible threats.
No communication that crosses organizational boundaries should *ever* be
automated. Least of all code updates.
Jason Coombs
.
Not that OISAFETY.ORG is going to disband because of my petty criticism and
name-calling.
They'll disband when people ignore them.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure
such Vulnerability Reporting and Response
Process; but the economic interests of the few do not outweigh the interests
of the many. We've already been down that path, and the result is Microsoft.
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED
, and it has no place in government computing paid for by
taxpayers.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Brad Bemis
Sent: Wednesday, July 16, 2003 6:22 AM
To: [EMAIL PROTECTED]
Subject: RE: [Full-Disclosure
Hopefully, they wont learn the hard way like the
FBI did (to a lesser extent) with CALEA.
The CALEA device is based on Solaris, not Windows.
The FBI's Carnivore (a.k.a. DCS1000) is based on Windows.
http://www.epic.org/privacy/carnivore/
___
full disclosure then what you are saying is
that you want somebody else to tell you when you are safe. Good luck, you'll
need it.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
IIS Security and Programming Countermeasures
http://www.forensics.org/IIS_Security_and_Programming_Countermeasures.pdf
-Original Message-
From: Jason Coombs [mailto:[EMAIL PROTECTED]
Sent: Friday, April 18, 2003 4:58 PM
To: [EMAIL PROTECTED]
Subject: FEEDBACK: Testing Microsoft and the DMCA
I'm an author and computer forensics/infosec expert who recently authored a
book about information security
I for one would really like to see patches that also patch an installer
You'd think vendors would stop distributing software known to be vulnerable
due to severe security flaws.
After a critical vulnerability is disclosed publicly, the vendor should be
legally liable for any damage caused by
issues.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
--
A Report on SPAM Blackholes, Blocking/Filtering, and AOL
For the last month I have purposefully used AOL for SMTP server mail relay
in order to analyze the real-world impact of blackhole lists. AOL not only
does not block outbound SMTP from
-Original Message-
From: Jason Coombs [mailto:[EMAIL PROTECTED]
Sent: Sunday, February 16, 2003 10:31 AM
To: Bruce Schneier
Subject: RE: CRYPTO-GRAM, February 15, 2003
Aloha, Bruce.
This is in response to your Crypto-Gram discussion of the Sapphire/SQL
Slammer worm that struck
of merchants who are incompetent at risk management to begin
with and just stop filling orders or choose to ignore orders where AVS
doesn't report a full match.
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of David
Barnett
for the benefit
of script kiddies -- anyone looked into this before? If so, will you share
some references?
Jason Coombs
[EMAIL PROTECTED]
--
Hackers View Visa/MasterCard Accounts
Mon February 17, 2003 11:17 PM ET
NEW YORK (Reuters) - More than five million Visa and MasterCard accounts
lucky for cc fraudsters, issuers opt to create cards in batches where all of
the neighboring card numbers share the same expiration date (month/year).
-Original Message-
From: Kevin Spett [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 18, 2003 11:02 AM
To: [EMAIL PROTECTED]; Richard
Whether or not DeepSight fielded a few nibbles from Sapphire before its
first successful penetration occurred, one has to ask the question who
cares?
If DeepSight couldn't tell administrators that their boxes exposed a
critical remote exploitable well-known buffer overflow vulnerability then
what
organization. It should be dismantled.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Len Rose
Sent: Thursday, January 30, 2003 4:22 AM
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] CERT, Full Disclosure
-Original Message-
From: Jason Coombs [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 29, 2003 12:52 PM
To: David Litchfield [[EMAIL PROTECTED]]
Cc: [EMAIL PROTECTED]
Subject: Response to David Litchfield on Responsible Disclosure and
Infosec Research
Aloha, David.
Please continue
of infosec experts who would probably
have agreed to write
this
worm if approached by their nations' government with
proof that an
adversary
was planning to cause severe harm by exploiting the
W32/SQLSlammer
vulnerability.
Sincerely,
Jason Coombs
[EMAIL PROTECTED
Hogwash.
When your box gets destroyed mysteriously and you call your vendor to ask
why, you're going to be happy with the answer you don't need to know, and
we're not going to tell you because it's a secret ??
Ridiculous drivel. But thanks for sharing.
-Original Message-
From: [EMAIL
disclosure to decide which approach they prefer and follow it.
Sincerely,
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Saturday, January 25, 2003 1:10 PM
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure
of a government agency as my speculation suggested.
Jason Coombs
[EMAIL PROTECTED]
-Original Message-
From: Richard M. Smith [mailto:[EMAIL PROTECTED]]
Sent: Saturday, January 25, 2003 1:11 PM
To: [EMAIL PROTECTED]; 'Jay D. Dyson'; 'Bugtraq'; 'Full-Disclosure'
Subject: RE: MS SQL WORM IS DESTROYING
84 matches
Mail list logo