> Yeah the last time I can remember that someone tried that on FD, was > that some called exploit that had a IRC trojan in it...it was discovered > after about 5 secs..lol
Ah yes - that perl script that magically appeared in the tmp directory. heh, hey, can't blame the guy for trying. Also to touch on the Nigerian scam, I get more of those to my "list only" address then anything else. I've never seen so many per day either... they must be crawling the lists, desperate for suckers. I dragged someone along for a few months just for $hits and giggles. lol He sent me pictures, passport photocopy, bank transfer statements, all kinds of good stuff. I posted it over on: http://www.scamorama.com/ Good times. -- Peace. ~G On Fri, 26 Nov 2004 13:44:01 -0600, Todd Towles <[EMAIL PROTECTED]> wrote: > Yeah the last time I can remember that someone tried that on FD, was > that some called exploit that had a IRC trojan in it...it was discovered > after about 5 secs..lol > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Ron > > Sent: Friday, November 26, 2004 12:40 PM > > To: n3td3v > > Cc: [EMAIL PROTECTED] > > Subject: Re: [Full-Disclosure] Mailing lists and > > unsolicited/malicious spam > > > > One thing to note, however, is that people who post on this > > list would tend to be the ones who know better than to listen > > to spam or to open viruses or to help out those pool old > > Nigerian Diplomats. > > > > > > n3td3v wrote: > > > > >How many people are actually subscribed (on FD) and what are the > > >general figures for subscribers for high profile mailing > > lists, has any > > >figures ever been released? And would the theft of the list > > of e-mails > > >subscribed be of value to spammers? I think it would be, I hope FD > > >admin is up to date with and keeping tracks of bugs as the > > rest of us. > > >If malicious hackers/script kiddies got hold of the list, I > > think they > > >would be able to attack a good percentage of inboxes with > > whatever they > > >send. Weather it be porn spam or a phishing to take > > passwords or if it > > >be malcious code to take advantage of POP mail clients via SMTP. > > > > > >I think already FD is targeted by spam/phishing hackers who wish to > > >collect e-mail addresses for further exploration. Perhaps > > posting on FD > > >could be a security risk in itself (well not just FD but > > mailing lists > > >online in general) as far as POP mail clients and SMTP is concerned. > > >(web-based e-mail has its own problems which usually don't have the > > >risk of taking over computers like mail clients do. Usually > > web-based > > >e-mail is just at risk from xss/cookie disclosure/account theft, > > >whereas malicious code sent to mail clients can take over whole > > >computer systems) > > > > > >For those of you who already have a "mailing list only" > > e-mail address > > >and a seperate address for work related/corporate/company > > matters, do > > >you see a different level of unsolicited spam, compared to the work > > >address or other private e-mail address for friends and family? I'm > > >thinking about setting up the same myself, just for experimental > > >reasons! I think i'll find some differences between the two. > > > > > >Sorry if you don't care about anti-spam, but its something i'm > > >interested in. Sorry to all the script kiddie hax0rs who > > don't like me > > >working against you and your e-mail collecting bots! > > > > > >Plus, do FD admin and other high profile mailing lists have > > honey pots > > >or similar methods to catch FD/mailing list born spam? I > > believe a big > > >mailing list can have its own domestic/internal spam, > > seperate from the > > >general internet who are not subscribed to the given mailing list or > > >lists, and even different mailing lists having its own group of > > >spammers targeting them, with its own nature of spam/phish/malicious > > >code exploration. > > > > > >Thanks, > > >n3td3v > > > > > >_______________________________________________ > > >Full-Disclosure - We believe in it. > > >Charter: http://lists.netsys.com/full-disclosure-charter.html > > > > > > > > > > > > > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.netsys.com/full-disclosure-charter.html > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html