As I stated, I am not always right.
You make some valid points. My concern was more the fact that nobody, not even GTA knew what Andrew was talking about. Regardless, I stand corrected. Danny -----Original Message----- From: Paul Johnson [mailto:[EMAIL PROTECTED]] Sent: Friday, September 27, 2002 6:44 AM To: 'David Morris' Cc: [EMAIL PROTECTED] Subject: RE: [gb-users] Update on Andrew's claim last night. I tend to agree. Andrew should have first sent the issue to support. If that got no response, he should then have looked at the @gta.com names here and sent it to them. If it is a serious issue, I'm sure that Paul Emerson will be on top of it like stink on you know what. Nothing like going to the top to get a problem resolved if it is serious. Also, David Rastick (wrong spelling, I'm sure) could probably find the right guy. If after a couple of weeks, you don't hear anything at all, then post to the group. I feel certain that you would hear in a day or sooner. Paul Paul R. Johnson Senior Network Analyst Johnson Industries [EMAIL PROTECTED] -----Original Message----- From: David Morris [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 26, 2002 2:24 PM To: Cox, Danny H. Cc: [EMAIL PROTECTED]; Andrew Batson Subject: Re: [gb-users] Update on Andrew's claim last night. Danny, I would hope that NO users follow your advice to post what they believe is a security flaw to this list! That includes any external sequence they know of which will cause a crash of the firewall. Even if the workaround is posted, there is a serious exposure for everyone on this list who might not see the workaround or be able to implemented before some lurking cracker can take action. I certainly DON'T want that information published where it is world readible until GTA has a chance to evaluate it. It is even reasonable to expect that someone would not check their email every day. To suggest they have created a hoax because they failed to respond on your time scale is unfair. Profesional security practitioners would never follow your suggestion. Since you have ignored earlier comments to this effect, I feel compelled to stress this. DO NOT SEND DOS OR SECURITY FLAWS TO PUBLIC MAILING LISTS ... EVER! Dave Morris On Thu, 26 Sep 2002, Cox, Danny H. wrote: > I forwarded Andrew's email (GB lite user with mysterious crashes) to GTA > support. > > They never heard of this issue and sent him emails directly. > > So far, he has not responded. > > I personally must now consider Andrew's claim as nothing more than a > hoax or the frustrated venting of a GTA newbie (probably the latter) - > NO OFFENSE INTENDED. > > Regrettably, the evidence (currently) offers no other conclusion at this > time. > > My final comment is: > > Andrew and others, > > If you want help, or desire to make claims of discovering security > related bugs, PLEASE DO SO by emailing the group. > > Please remember to be professional! > > Please provide details so we can all work on the problem, helping you in > the process. > > Please do not allow your own needs and frustration to get the better of > you. Yes, I too occasionally fall prey to this one! > > To do so, serves no purpose! > > I am not perfect and not 100.0000% right, 100.0000% of the time. > > That is why I am here - To give and get assistance to and from others. > > Andrew, > > If you are still having problems, PLEASE speak up now, provide useful > data and I am certain we will all work to help resolve your firewall > problem(s). > > Sincerely, > > Danny Cox --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[email protected]
