[Full-disclosure] TGP v1.1.13.3

[Thor (Hammer of God)]

I've made some major revisions to TGP over that last couple of weeks, and am 
releasing v1.1.13.3:

http://www.hammerofgod.com/tgp.html

It's on the main site now and I've moved all the pilot stuff over to the HoG 
production site.

Notably, there is support for key creation to 16384 bits, which pretty much 
also required for me to build multi-threading capabilities in so that you could 
go do other stuff while processing huge keys if you wanted to.

Also, based on some dialog on FD where some folks didn't quite get the math 
behind creating large keys and protecting keys with long and complex 
passphrases, I added a feature where I calculate the actual time required to 
crack your password keyspace based on Class F cracking speeds of 1,000,000,000 
passwords per second.  I've always been less-than-thrilled with methods of 
determining how strong a particular password was because "strong" doesn't mean 
anything by itself.  "Complex" means something insofar as structure is 
concerned, but it doesn't translate into real-world applications:  Upper, 
Lower, and Digit for instance doesn't mean much to a person - so I actually 
calculate out the time it takes based on the keyspace used in your password as 
you type it in so that you can see right then that it may only take 1 
year/day/minute to crack your password.

Further, something I've not seen anywhere else is an actual measurement of what 
it will take to crack YOUR password as you type it, not just the keyspace.  To 
brute force up to a two character lower case alpha passphrase's keyspace will 
take 702 iterations (not 676 like most people will tell you since it's only 676 
if you start at "aa").  However, if you actually typed in "jx" as your 
password, that would crack in only 284 iterations.   So I also built in the 
calculation for what your actual password will crack in as well, not just the 
keyspace.  Of course, there are some assumptions I must make about base 
keyspace which are explained on the website if anyone cares to read it.  
There's a bunch of other things listed as well  if you would like to check it 
out.

Next thing on the list is to move from memorystreams to parallel processing in 
smaller blocks so that I'm not dependent on machine memory to encrypt really 
big files.  I'll set up a mailing list at some point for people who would like 
release info.

t

[Description: Description: Description: TimSig]
Timothy "Thor" Mullen
Hammer of God
t...@hammerofgod.com
www.hammerofgod.com

<>___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] targetted SSH bruteforce attacks

[Ryan Castellucci]

I don't see this elsewhere in the thread, so I'll go ahead and share -
the attackers I've been seeing all identify themselves as
libssh-0.4.3

SSH: Server;Ltype: Version;Remote: 200.30.188.12-4249;Protocol:
2.0;Client: libssh-0.4.3
SSH: Server;Ltype: Kex;Remote: 200.30.188.12-4249;Enc: aes256-cbc;MAC:
hmac-sha1;Comp: none
SSH: Server;Ltype: Authname;Remote: 200.30.188.12-4249;Name: sammy

-- 
Ryan Castellucci http://ryanc.org/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] No anti-virus software? No internet connection

[Jubei Trippataka]

On Tue, Jun 22, 2010 at 9:41 PM,  wrote:

> On Tue, 22 Jun 2010 12:55:25 +1000, "Ivan ." said:
> > Security is as easy as that..
> >
> >
> http://www.news.com.au/technology/no-anti-virus-software-no-internet-connection/story-e6frfro0-1225882656490
>
> OK. I'll bite.
>
> 1) What antivirus are they going to force me to install on my Fedora
> laptop?
>
> 2) How will they verify the presense of A/V software on a properly
> firewalled
> system?
>
> 3) If the answer to (2) is "run some sort of agent software on every box",
> in how many different ways can this end badly?
>
>
Trust you to break through the idealistic AV discussion with an ACTUAL
logical implementation question. Shame on you! You've just made Belinda's
shitlist.

-- 
ciao

JT
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Andrew???

[Jubei Trippataka]

But if you look like this you deserve it:

http://pics.livejournal.com/weev/pic/00090a2r/s640x480

Funny cuz it's true.

-- 
ciao

JT
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Andrew???

[Iadnah]

I am so tired of hearing all this bullshit about Andrew. Is gossip some sort of 
drug? The man did some shit that some people aren't happy about. Let them deal 
with it in the most direct and reasonable way possible and then leave him the 
hell alone.
-- 
"Fascism should more appropriately be called Corporatism because it is a merger 
of state and corporate power." -- Benito Mussolini

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] [ MDVSA-2010:122 ] fastjar

[security]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

 ___

 Mandriva Linux Security Advisory MDVSA-2010:122
 http://www.mandriva.com/security/
 ___

 Package : fastjar
 Date: June 22, 2010
 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0
 ___

 Problem Description:

 A vulnerability has been discovered and corrected in fastjar:
 
 Directory traversal vulnerability in the extract_jar function
 in jartool.c in FastJar 0.98 allows remote attackers to create
 or overwrite arbitrary files via a .. (dot dot) in a non-initial
 pathname component in a filename within a .jar archive, a related
 issue to CVE-2005-1080.  NOTE: this vulnerability exists because of
 an incomplete fix for CVE-2006-3619 (CVE-2010-0831).
 
 Packages for 2008.0 and 2009.0 are provided as of the Extended
 Maintenance Program. Please visit this link to learn more:
 http://store.mandriva.com/product_info.php?cPath=149&products_id=490
 
 The updated packages have been patched to correct this issue.
 ___

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0831
 ___

 Updated Packages:

 Mandriva Linux 2008.0:
 29cfbaec7e6255eb665bc78192b65bd4  
2008.0/i586/fastjar-0.95-1.1mdv2008.0.i586.rpm 
 14db3823db1af8e68f5f5691ca360a4f  
2008.0/SRPMS/fastjar-0.95-1.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 6d30855f5164f15ada36fb6560d5e98d  
2008.0/x86_64/fastjar-0.95-1.1mdv2008.0.x86_64.rpm 
 14db3823db1af8e68f5f5691ca360a4f  
2008.0/SRPMS/fastjar-0.95-1.1mdv2008.0.src.rpm

 Mandriva Linux 2009.0:
 f77fefb84163a9c08ed4364ca745  
2009.0/i586/fastjar-0.95-3.1mdv2009.0.i586.rpm 
 cb1a7db7aa0df9f9cf4fec3c2a2e76f8  
2009.0/SRPMS/fastjar-0.95-3.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 a7ec5bded41e309a47f11e58b7ce4294  
2009.0/x86_64/fastjar-0.95-3.1mdv2009.0.x86_64.rpm 
 cb1a7db7aa0df9f9cf4fec3c2a2e76f8  
2009.0/SRPMS/fastjar-0.95-3.1mdv2009.0.src.rpm

 Mandriva Linux 2009.1:
 c2df3e75f8160e5bef18bc537a0d  
2009.1/i586/fastjar-0.97-1.1mdv2009.1.i586.rpm 
 ea0e50c4339801ef26b3731d381c43a8  
2009.1/SRPMS/fastjar-0.97-1.1mdv2009.1.src.rpm

 Mandriva Linux 2009.1/X86_64:
 acbc81b4f44458db7b3d4e4936f2243d  
2009.1/x86_64/fastjar-0.97-1.1mdv2009.1.x86_64.rpm 
 ea0e50c4339801ef26b3731d381c43a8  
2009.1/SRPMS/fastjar-0.97-1.1mdv2009.1.src.rpm

 Mandriva Linux 2010.0:
 235889aecb0c352a7fa79a78db132635  
2010.0/i586/fastjar-0.98-1.1mdv2010.0.i586.rpm 
 0319890b30ed72964f5061e8c668f868  
2010.0/SRPMS/fastjar-0.98-1.1mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 8d57e00fa9a90d9f99a80fda6ca93be0  
2010.0/x86_64/fastjar-0.98-1.1mdv2010.0.x86_64.rpm 
 0319890b30ed72964f5061e8c668f868  
2010.0/SRPMS/fastjar-0.98-1.1mdv2010.0.src.rpm

 Corporate 4.0:
 8ae0be32bc0c26d6a5b4b44b28a8be24  
corporate/4.0/i586/gcc-4.0.1-5.4.20060mlcs4.i586.rpm
 79f01b28da32b36221815ecb9c6b0800  
corporate/4.0/i586/gcc-c++-4.0.1-5.4.20060mlcs4.i586.rpm
 5d500cfca2c534a9c3dae5285b090921  
corporate/4.0/i586/gcc-colorgcc-4.0.1-5.4.20060mlcs4.i586.rpm
 8a3db9618eee24158e715753ab85c87c  
corporate/4.0/i586/gcc-cpp-4.0.1-5.4.20060mlcs4.i586.rpm
 e38e095b4a82f6f34185404dd4e24f9d  
corporate/4.0/i586/gcc-doc-4.0.1-5.4.20060mlcs4.i586.rpm
 e29739a30fcf203f690809d4d5a1b7dc  
corporate/4.0/i586/gcc-doc-pdf-4.0.1-5.4.20060mlcs4.i586.rpm
 a52b298e755784e350671213c048e347  
corporate/4.0/i586/gcc-gfortran-4.0.1-5.4.20060mlcs4.i586.rpm
 739f22bac9eff8ff1ce925a35913ec4d  
corporate/4.0/i586/gcc-gnat-4.0.1-5.4.20060mlcs4.i586.rpm
 5c6d85c2596ebe896599282d1246ac51  
corporate/4.0/i586/gcc-java-4.0.1-5.4.20060mlcs4.i586.rpm
 c58741df491cbe7ec865aa8abfb223b8  
corporate/4.0/i586/gcc-objc-4.0.1-5.4.20060mlcs4.i586.rpm
 b3b6f955e048d4c4484cb8abca5b024f  
corporate/4.0/i586/gcj-tools-4.0.1-5.4.20060mlcs4.i586.rpm
 7481fccd210e1b05ee680d3b82b1958f  
corporate/4.0/i586/libffi4-devel-4.0.1-5.4.20060mlcs4.i586.rpm
 6812a0c08289f467d9d7f87689193f50  
corporate/4.0/i586/libgcc1-4.0.1-5.4.20060mlcs4.i586.rpm
 71ec24cb023ea717a873caca52094de7  
corporate/4.0/i586/libgcj6-4.0.1-5.4.20060mlcs4.i586.rpm
 cba3e17bf4a6bb4db07e81530e61bbfe  
corporate/4.0/i586/libgcj6-base-4.0.1-5.4.20060mlcs4.i586.rpm
 5d2ea3afb4f9ddb67702ccbf3eaf1dc8  
corporate/4.0/i586/libgcj6-devel-4.0.1-5.4.20060mlcs4.i586.rpm
 90a2ddd64e638cebc99353e9ed1b9007  
corporate/4.0/i586/libgcj6-src-4.0.1-5.4.20060mlcs4.i586.rpm
 e560796ba713a55d72ef46d50dc064a0  
corporate/4.0/i586/libgcj6-static-devel-4.0.1-5.4.20060mlcs4.i586.rpm
 fcf35776137fe8b4f2bdd6105a887823  
corporate/4.0/i586/libgfortran0-4.0.1-5.4.20060mlcs4.i586.rpm
 ab1cd67788ae4b69544a101f36f5a706  
corporate/4.0/i586/libgnat1-4.0.1-5.4.20060mlcs4.i586.rpm
 fecffb2b88e2695a3b88d8f804f020bb 

Re: [Full-disclosure] PacketStorm

[Frank Stefan Sundberg Solli]

The site is down due to ddos amongst others, OTW, milw0rm, THC and HITB, 
check out the mirror list of packetstorm, packetstorm is mirrored in 
almost every big country


http://www.mail-archive.com/po...@openbsd.org/msg21205.html

On 06/22/2010 06:33 PM, mezgani ali wrote:

Check mirror website :

http://packetstormsecurity.nl/
http://packetstorm.linuxsecurity.com/


On Tue, Jun 22, 2010 at 4:20 PM, > wrote:


Anyone know what happen to packetstorm.org 

The site is down!




James Smith
Email: ja...@smithwaysecurity.com 
Website: www.smithwaysecurity.com 
Phone Number: (877) 352-6665

***
*The information contained in this message may be privileged and
is confidential information intended for the use of the addressee
listed above. If you are neither the intended recipient nor the
employee or agent responsible for delivering this message to the
intended recipient, you are hereby notified that any disclosure
copying, distribution or the taking of any action in reliance on
the contents of this information is strictly prohibited. If you
have received this communication in error, please notify us
immediately by replying to the message and deleting it from your
computer.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




--
Ali MEZGANI
Network Engineering/Security
http://securfox.wordpress.com/


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Fw: Re: yahoomail dom based xss vulnerability

[information security]

yes pratul it was working on 13th june :)
>
>
> --- On *Wed, 16/6/10, Vipul Agarwal * wrote:
>
>
> From: Vipul Agarwal 
> Subject: Re: [Full-disclosure] yahoomail dom based xss vulnerability
> To: "pratul agrawal" 
> Cc: full-disclosure@lists.grok.org.uk
> Date: Wednesday, 16 June, 2010, 5:29 AM
>
> Hello Pratul!
>
> I'm sure that the flaw was working on 13th June when you disclosed it on
> the list.
> But its not working today and input is being filtered. Please check it out.
>
>
> On Wed, Jun 16, 2010 at 9:49 AM, pratul agrawal 
> http://mc/compose?to=pratu...@yahoo.com>
> > wrote:
>
>> Thanks Brother,
>>
>>   See, how this occurred, Basically in most of the
>> cases Developers  Simply design a APIs and when the client request for any
>> page this APIs gets Stored in the Client side. its main task is to takes the
>> user input and shows the result immediately  to the client without sending
>> request to the server. so when this type of APIs is vulnerable to XSS this
>> is called the DOM based XSS.
>>
>> Now in this case, when we click on [New Folder] for creating any new
>> folder and provide any javascript, it directly took by the API stored in the
>> client side when the inbox page is load in the client side in yahoomail, and
>> get reflected.
>>
>> that's all the story Bro, hope you understand what i really want to say.
>>
>> Thanks,
>> Pratul Agrawal
>>
>> --- On *Tue, 15/6/10, Benji 
>> http://mc/compose?to...@b3nji.com>
>> >* wrote:
>>
>>
>> From: Benji http://mc/compose?to...@b3nji.com>>
>>
>> Subject: Re: [Full-disclosure] yahoomail dom based xss vulnerability
>> To: "pratul agrawal" 
>> http://mc/compose?to=pratu...@yahoo.com>
>> >
>> Cc: "skg...@gmail.com " <
>> skg...@gmail.com >, "
>> full-disclosure@lists.grok.org.uk"
>> http://mc/compose?to=full-disclos...@lists.grok.org.uk>>,
>> "secur...@yahoo.com " <
>> secur...@yahoo.com >, "
>> i...@cert-in.org.in " <
>> i...@cert-in.org.in >
>> Date: Tuesday, 15 June, 2010, 9:57 AM
>>
>>
>> Sup bro
>>
>> I waz checkin owt ur javascriptz skriptz and waz wonderin if u cud explain
>> how diz shiz werks.
>>
>> Peaze.
>>
>> Sent from my iPhone
>>
>> On 15 Jun 2010, at 09:18, pratul agrawal 
>> http://mc/compose?to=pratu...@yahoo.com>>
>> wrote:
>>
>> Its working Bro.  I think u had done some mistakes so u try it again with
>> check that javascript execution feature is enable in your browser. and bro
>> for execution of script it is must to use proper syntax that contain special
>> characters. just put ">

Re: [Full-disclosure] PacketStorm

[mezgani ali]

Check mirror website :

http://packetstormsecurity.nl/
http://packetstorm.linuxsecurity.com/


On Tue, Jun 22, 2010 at 4:20 PM,  wrote:

> Anyone know what happen to packetstorm.org
>
> The site is down!
>
>
>
>
>  James Smith
> Email: ja...@smithwaysecurity.com
> Website: www.smithwaysecurity.com
> Phone Number: (877) 352-6665
>
> ***
> *The information contained in this message may be privileged and is
> confidential information intended for the use of the addressee listed above.
> If you are neither the intended recipient nor the employee or agent
> responsible for delivering this message to the intended recipient, you are
> hereby notified that any disclosure copying, distribution or the taking of
> any action in reliance on the contents of this information is strictly
> prohibited. If you have received this communication in error, please notify
> us immediately by replying to the message and deleting it from your
> computer.
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
Ali MEZGANI
Network Engineering/Security
http://securfox.wordpress.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] targetted SSH bruteforce attacks

[Marc Olive]

A Dimarts 22 Juny 2010 04:06:03, b...@fbi.dhs.org va escriure:
> If you guys are interested I have a list of login/password combos they use:
> 
> http://vapid.dhs.org/ssh-attack-passwd.txt

]$ sort -u ssh-attack-passwd.txt > ssh-attack-passwd.2.txt
]$ wc -l ssh-attack-passwd.*
 11701  ssh-attack-passwd.2.txt
 16653  ssh-attack-passwd.txt

And clean about 30% of repeated entries.

-- 

Marc Olivé
Grup Blau

www.grupblau.com  

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] [ MDVSA-2010:121 ] pango

[security]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

 ___

 Mandriva Linux Security Advisory MDVSA-2010:121
 http://www.mandriva.com/security/
 ___

 Package : pango
 Date: June 22, 2010
 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Enterprise Server 5.0
 ___

 Problem Description:

 A vulnerability has been discovered and corrected in pango:
 
 Array index error in the hb_ot_layout_build_glyph_classes function
 in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows
 context-dependent attackers to cause a denial of service (application
 crash) via a crafted font file, related to building a synthetic
 Glyph Definition (aka GDEF) table by using this font's charmap and
 the Unicode property database (CVE-2010-0421).
 
 Packages for 2008.0 and 2009.0 are provided as of the Extended
 Maintenance Program. Please visit this link to learn more:
 http://store.mandriva.com/product_info.php?cPath=149&products_id=490
 
 The updated packages have been patched to correct this issue.
 ___

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0421
 ___

 Updated Packages:

 Mandriva Linux 2008.0:
 531ca422fc6a6777106d52a282ba6f3e  
2008.0/i586/libpango1.0_0-1.18.2-1.2mdv2008.0.i586.rpm
 f23ea5bef4b70a102e857faa17bde950  
2008.0/i586/libpango1.0_0-modules-1.18.2-1.2mdv2008.0.i586.rpm
 1c015751f614a1559636d91bf4dbf658  
2008.0/i586/libpango1.0-devel-1.18.2-1.2mdv2008.0.i586.rpm
 327fa9bbc9553e8b6e32154d147ac9cd  
2008.0/i586/pango-1.18.2-1.2mdv2008.0.i586.rpm
 b18559906ed0c756fd2232d7286ef3e9  
2008.0/i586/pango-doc-1.18.2-1.2mdv2008.0.i586.rpm 
 199adcc22840415441eae58ab0d686f5  
2008.0/SRPMS/pango-1.18.2-1.2mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 d4c104a71623556bfaae5b910d72d188  
2008.0/x86_64/lib64pango1.0_0-1.18.2-1.2mdv2008.0.x86_64.rpm
 e019d97785600e3e4bfb5d0f9ab72b74  
2008.0/x86_64/lib64pango1.0_0-modules-1.18.2-1.2mdv2008.0.x86_64.rpm
 21303d77e999fb7ea751c7e187a6ea89  
2008.0/x86_64/lib64pango1.0-devel-1.18.2-1.2mdv2008.0.x86_64.rpm
 1a5f6892ee5e0bd5b17aaea3f05c07f3  
2008.0/x86_64/pango-1.18.2-1.2mdv2008.0.x86_64.rpm
 844fed2ee045b84c34a7d24adcc0ca1b  
2008.0/x86_64/pango-doc-1.18.2-1.2mdv2008.0.x86_64.rpm 
 199adcc22840415441eae58ab0d686f5  
2008.0/SRPMS/pango-1.18.2-1.2mdv2008.0.src.rpm

 Mandriva Linux 2009.0:
 f818a1b8cf40a15ca6e7d4a578f858b0  
2009.0/i586/libpango1.0_0-1.22.0-1.2mdv2009.0.i586.rpm
 dc25662f0d2b9d0b36597935d32cf0e0  
2009.0/i586/libpango1.0_0-modules-1.22.0-1.2mdv2009.0.i586.rpm
 9de63eebb567bac21147c9a71929fa94  
2009.0/i586/libpango1.0-devel-1.22.0-1.2mdv2009.0.i586.rpm
 5f2d9e530f510715ba9800da9132507c  
2009.0/i586/pango-1.22.0-1.2mdv2009.0.i586.rpm
 54264e559ff61ea82ce0aaa10fcd7807  
2009.0/i586/pango-doc-1.22.0-1.2mdv2009.0.i586.rpm 
 61b1e84d9e94441486739e706e5807aa  
2009.0/SRPMS/pango-1.22.0-1.2mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 d89182f1a67df154436f911ab49c998c  
2009.0/x86_64/lib64pango1.0_0-1.22.0-1.2mdv2009.0.x86_64.rpm
 5128373e230e002664ac1ee89196b4c2  
2009.0/x86_64/lib64pango1.0_0-modules-1.22.0-1.2mdv2009.0.x86_64.rpm
 bb99fd715de3806760035e88fcf54004  
2009.0/x86_64/lib64pango1.0-devel-1.22.0-1.2mdv2009.0.x86_64.rpm
 ac258b1e139acc2ea92c208fdedcf008  
2009.0/x86_64/pango-1.22.0-1.2mdv2009.0.x86_64.rpm
 b66f33df75d3889033d9331f4faa81e6  
2009.0/x86_64/pango-doc-1.22.0-1.2mdv2009.0.x86_64.rpm 
 61b1e84d9e94441486739e706e5807aa  
2009.0/SRPMS/pango-1.22.0-1.2mdv2009.0.src.rpm

 Mandriva Linux 2009.1:
 e051fbe50943e1b8ff04e6bda1a6731e  
2009.1/i586/libpango1.0_0-1.24.1-1.1mdv2009.1.i586.rpm
 d4004ac5c7b3554005acef696c95ed17  
2009.1/i586/libpango1.0_0-modules-1.24.1-1.1mdv2009.1.i586.rpm
 1753030920b0dc28410ec500027f5fa8  
2009.1/i586/libpango1.0-devel-1.24.1-1.1mdv2009.1.i586.rpm
 6d113a2583bf72252c6986d4161e30eb  
2009.1/i586/pango-1.24.1-1.1mdv2009.1.i586.rpm
 9bb53788f7448ff149203a1ecc57d88b  
2009.1/i586/pango-doc-1.24.1-1.1mdv2009.1.i586.rpm 
 19b1fd94242fe7477bfd3c9f332be5cb  
2009.1/SRPMS/pango-1.24.1-1.1mdv2009.1.src.rpm

 Mandriva Linux 2009.1/X86_64:
 96905bb1cb15f2f78eca3f1fc18a18ff  
2009.1/x86_64/lib64pango1.0_0-1.24.1-1.1mdv2009.1.x86_64.rpm
 155f81e153d65cce320ad7b1038caccd  
2009.1/x86_64/lib64pango1.0_0-modules-1.24.1-1.1mdv2009.1.x86_64.rpm
 6ccb79cec84f207d2bf032cec02fb828  
2009.1/x86_64/lib64pango1.0-devel-1.24.1-1.1mdv2009.1.x86_64.rpm
 84a045a5db31ccf90df5910ad8908e93  
2009.1/x86_64/pango-1.24.1-1.1mdv2009.1.x86_64.rpm
 d3b06564ce5342d98162e5b62fda7379  
2009.1/x86_64/pango-doc-1.24.1-1.1mdv2009.1.x86_64.rpm 
 19b1fd94242fe7477bfd3c9f332be5cb  
2009.1/SRPMS/pango-1.24.1-1.1mdv2009.1.src.rpm

 Mandriva Linux 2010.0:
 7aa21a2139fa09a02c3134d24df405c

Re: [Full-disclosure] PacketStorm

[Benji]

packetstorm goes down and leading internet research gets owned?

coincidence? i think not

On Tue, Jun 22, 2010 at 4:53 PM, Stack Smasher  wrote:
>
> Dude you just got P0wn3D!!!
>
>
> For the low low price of just $19.95 I can scan your site with a free
> version of Acunetix and hand you a 9000 page report for you to look at!
>
>
>
>
>
>
>
>
> On Tue, Jun 22, 2010 at 9:20 AM,  wrote:
>>
>> Anyone know what happen to packetstorm.org
>>
>> The site is down!
>>
>>
>>
>>
>> James Smith
>> Email: ja...@smithwaysecurity.com
>> Website: www.smithwaysecurity.com
>> Phone Number: (877) 352-6665
>> **
>> The information contained in this message may be privileged and is
>> confidential information intended for the use of the addressee listed above.
>> If you are neither the intended recipient nor the employee or agent
>> responsible for delivering this message to the intended recipient, you are
>> hereby notified that any disclosure copying, distribution or the taking of
>> any action in reliance on the contents of this information is strictly
>> prohibited. If you have received this communication in error, please notify
>> us immediately by replying to the message and deleting it from your
>> computer.
>> ___
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
> --
> "If you see me laughing, you better have backups"
>
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] PacketStorm

[Stack Smasher]

Dude you just got P0wn3D!!!


For the low low price of just $19.95 I can scan your site with a free
version of Acunetix and hand you a 9000 page report for you to look at!








On Tue, Jun 22, 2010 at 9:20 AM,  wrote:

> Anyone know what happen to packetstorm.org
>
> The site is down!
>
>
>
>
>  James Smith
> Email: ja...@smithwaysecurity.com
> Website: www.smithwaysecurity.com
> Phone Number: (877) 352-6665
>
> ***
> *The information contained in this message may be privileged and is
> confidential information intended for the use of the addressee listed above.
> If you are neither the intended recipient nor the employee or agent
> responsible for delivering this message to the intended recipient, you are
> hereby notified that any disclosure copying, distribution or the taking of
> any action in reliance on the contents of this information is strictly
> prohibited. If you have received this communication in error, please notify
> us immediately by replying to the message and deleting it from your
> computer.
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
"If you see me laughing, you better have backups"
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] PacketStorm

[edgar deal]

nice website .

On Tue, Jun 22, 2010 at 11:20 AM,  wrote:

> Anyone know what happen to packetstorm.org
>
> The site is down!
>
>
>
>
>  James Smith
> Email: ja...@smithwaysecurity.com
> Website: www.smithwaysecurity.com
> Phone Number: (877) 352-6665
>
> ***
> *The information contained in this message may be privileged and is
> confidential information intended for the use of the addressee listed above.
> If you are neither the intended recipient nor the employee or agent
> responsible for delivering this message to the intended recipient, you are
> hereby notified that any disclosure copying, distribution or the taking of
> any action in reliance on the contents of this information is strictly
> prohibited. If you have received this communication in error, please notify
> us immediately by replying to the message and deleting it from your
> computer.
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] No anti-virus software? No internet connection

[Paul Schmehl]

--On Tuesday, June 22, 2010 12:55:25 +1000 "Ivan ."  wrote:

> Security is as easy as that..
>
> http://www.news.com.au/technology/no-anti-virus-software-no-internet-connecti
> on/story-e6frfro0-1225882656490
>

I don't have a problem with cutting off connections for infected machines.  In 
fact I think that's an excellent idea.  However, the suggestion to require 
antivirus and firewall software to access the internet is naive and dangerous. 
Neither of those technologies will guarantee you an infection-free system, and 
promoting the idea that they will promotes a false sense of security.

Yes, you should use antivirus software if you're running windows, and yes, it's 
a good idea to use a firewall.  Neither is a panacea, however, and neither will 
keep you from getting a trojan from the latest attack methodologies.

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
***
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] PacketStorm

[james]

Anyone know what happen to packetstorm.org 
 
The site is down!
 
 

James Smith
Email: ja...@smithwaysecurity.com
Website: www.smithwaysecurity.com
Phone Number: (877) 352-6665

**The information contained in this message may be privileged and is confidential information intended for the use of the addressee listed above. If you are neither the intended recipient nor the employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any disclosure copying, distribution or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] No anti-virus software? No internet connection

[quispiam lepidus]

If the ISP's are being expected to do the policing (which a less than
thorough read of the paper indicates), who's shelling out for all the
NAC kit? The ISP? On top of all the kit required to log all users
Internet activities for an as yet undetermined period of time? On top
of the kit to implement the great firewall of .au?

Welcome to China, we hope you enjoy rice. Although, at least in China
the govt's policy and intention is fairly clear.

On Tue, Jun 22, 2010 at 9:41 PM,   wrote:
> On Tue, 22 Jun 2010 12:55:25 +1000, "Ivan ." said:
>> Security is as easy as that..
>>
>> http://www.news.com.au/technology/no-anti-virus-software-no-internet-connection/story-e6frfro0-1225882656490
>
> OK. I'll bite.
>
> 1) What antivirus are they going to force me to install on my Fedora laptop?
>
> 2) How will they verify the presense of A/V software on a properly firewalled
> system?
>
> 3) If the answer to (2) is "run some sort of agent software on every box",
> in how many different ways can this end badly?
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] No anti-virus software? No internet connection

[Romain]

How do you know you have never gotten anything on your system if you don't
have an anti-anything ?
Main aim of current threats is to hide any activity.

2010/6/22 William Warren 

> I don't run anti-anything on my systems and haven't in over 7 years..I
> have never gotten anything on my systems.  it's pretty easy to do..it's
> mostly behavior driven to keep yourself form getting malware.  Also I
> can't find it now but there was a research paper that showed the a/v
> software could be used to instlal malware w/o the a/v software's
> knowledge..no thanks.
>
> On 6/21/2010 10:55 PM, Ivan . wrote:
> > Security is as easy as that..
> >
> >
> http://www.news.com.au/technology/no-anti-virus-software-no-internet-connection/story-e6frfro0-1225882656490
> >
> > ___
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] No anti-virus software? No internet connection

[Christian Sciberras]

I would presume that that would happen after you got infected and started
spreading malware.
Scaring people from the start ought to bring more consciousness.





On Tue, Jun 22, 2010 at 1:41 PM,  wrote:

> On Tue, 22 Jun 2010 12:55:25 +1000, "Ivan ." said:
> > Security is as easy as that..
> >
> >
> http://www.news.com.au/technology/no-anti-virus-software-no-internet-connection/story-e6frfro0-1225882656490
>
> OK. I'll bite.
>
> 1) What antivirus are they going to force me to install on my Fedora
> laptop?
>
> 2) How will they verify the presense of A/V software on a properly
> firewalled
> system?
>
> 3) If the answer to (2) is "run some sort of agent software on every box",
> in how many different ways can this end badly?
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] No anti-virus software? No internet connection

[Valdis . Kletnieks]

On Tue, 22 Jun 2010 12:55:25 +1000, "Ivan ." said:
> Security is as easy as that..
> 
> http://www.news.com.au/technology/no-anti-virus-software-no-internet-connection/story-e6frfro0-1225882656490

OK. I'll bite.

1) What antivirus are they going to force me to install on my Fedora laptop?

2) How will they verify the presense of A/V software on a properly firewalled
system?

3) If the answer to (2) is "run some sort of agent software on every box",
in how many different ways can this end badly?


pgp1fUzIpAb0W.pgp
Description: PGP signature
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] No anti-virus software? No internet connection

[William Warren]

I don't run anti-anything on my systems and haven't in over 7 years..I 
have never gotten anything on my systems.  it's pretty easy to do..it's 
mostly behavior driven to keep yourself form getting malware.  Also I 
can't find it now but there was a research paper that showed the a/v 
software could be used to instlal malware w/o the a/v software's 
knowledge..no thanks.

On 6/21/2010 10:55 PM, Ivan . wrote:
> Security is as easy as that..
>
> http://www.news.com.au/technology/no-anti-virus-software-no-internet-connection/story-e6frfro0-1225882656490
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] No anti-virus software? No internet connection

[Cor Rosielle]

Believe it or not, I do use anti virus on my Windows machine at home and
even accept automatic updates (although MacAfee proved this is a serious
threat). But anti virus is only the second line of defense or the third. The
first line of defense is to "think before you launch a file". If a file is
unexpected, then I simply don't trust it. On several occasions this
prevented virus infection with an up to date AV-scanner (Symantec - I put
the file in a folder to further explore it after some days and then the
AV-scanner did recognize the virus). AV software does fail too.

For any home user who doesn't think or doesn't care, AV-software is probably
a good starting point to give some limited protection for Windows systems.
But such an home should realize he/she also runs risk when running
AV-software and might experience a false sense of security. And if they
don't think or don't care, they should think twice before complaining when
it turns out bad.

For any home user who do think or do care, AV-software can be a good
addition to protect Windows systems, but that is not guaranteed. Realize
that sometimes the cure is worse than the disease and also that malicious
"anti virus software" does exist. Anti virus is not bad by definition. It is
neither good by definition.

And I repeat: Tom has a point that end-users must take some responsibility
for their own computer. I just regret politicians make a lot of fuzz about
legislation that only helps a bit in some cases and invite civilians to lean
backward and believe they are secure because they have followed the rules.

Cor

> -Original Message-
> From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-
> disclosure-boun...@lists.grok.org.uk] On Behalf Of Tom Grace
> Sent: dinsdag 22 juni 2010 11:29
> To: full-disclosure@lists.grok.org.uk
> Subject: Re: [Full-disclosure] No anti-virus software? No internet
> connection
> 
> What would you advise a typical home user do to stay virus/trojan/other
> shit free ? Working on the assumption that they can't tell the
> difference (and really, shouldn't have to) between dangerous and safe
> files.
> AV software is pretty lacking, and the best advice I can think to give
> users is that "everyone on the Internet is out to get you"
> 
> Tom
> 
> On 06/22/2010 10:11 AM, Cor Rosielle wrote:
> > Brilliant thinking. Let's install anti virus and increase the
> computers
> > attack surface without further thinking. That must be safe because
> > politicians tell us to do so. And we all know that politicians always
> tell
> > the truth and happen to know a lot about PC's an security.
> >
> > Sigh. Tom has a point that end-users must take some responsibility
> for their
> > own computer, but that doesn't mean that anti virus is the one and
> only
> > solution. But if you think anti virus is the silver bullet to make
> this
> > world saver, then dream your dreams and I'll dream mine.
> >
> > Cor
> >
> >
> >
> > From: full-disclosure-boun...@lists.grok.org.uk
> > [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of
> Christian
> > Sciberras
> > Sent: dinsdag 22 juni 2010 10:56
> > To: Tom Grace
> > Cc: full-disclosure@lists.grok.org.uk
> > Subject: Re: [Full-disclosure] No anti-virus software? No internet
> > connection
> >
> > I completely agree with Tom. A good fraction of all vulns out there
> rely on
> > the user taking the wrong action, and it's way common (just face the
> truth).
> >
> > How many people install cracked OSes? I was once incredulous that a
> person
> > willingly installed a virus because he claimed it was harmless (while
> the
> > anti-virus shouted "trojan").
> >
> > Sometimes I get to fix people's computers. I'm always amazed by the
> amount
> > of crap I get in contact with.  Hundreds of browser toolbars,
> antiviruses,
> > shareware, adware, trials, torrent clients, media players etc.
> > That not counting the local IT shops which format PCs replacing
> (typically)
> > Windows OS with a cracked one.
> >
> >
> >
> > On Tue, Jun 22, 2010 at 9:42 AM, Tom
> Grace
> > wrote:
> > In a way having a requirement that end-users take some responsibility
> > for their own computer is a good thing.
> > Similar to prosecuting people for fraud if they fall for one of the
> cash
> > scams.
> >
> > On 06/22/2010 05:37 AM, Ivan . wrote:
> >> yep, your tax $$$ at work
> >>
> >> Don't forget there Internet filter as well.. With these rocket
> >> scientist running the show, what's there to worry about
> >>
> >>
> >
> http://blogs.news.com.au/techblog/index.php/news/comments/finally_there
> s_pro
> > tection_against_spams_and_scams
> >>
> >> On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka
> >> wrote:
> >>> They had a committee working on this for a year and that's the best
> they
> >>> could come up with? HAHAHAHA.
> >>>
> >>> Belinda Neal - With idiots like you and your colleagues tackling
> this
> > issue,
> >>> tax payers deserve to burn you at the stake. BTW... are you really
> a
> > du0d?
> >>>
> >

Re: [Full-disclosure] No anti-virus software? No internet connection

[Christian Sciberras]

Exactly. Or a jail cell.




On Tue, Jun 22, 2010 at 11:38 AM, Dimitry Andric  wrote:

> On 2010-06-22 11:28, Tom Grace wrote:
> > What would you advise a typical home user do to stay virus/trojan/other
> > shit free ? Working on the assumption that they can't tell the
> > difference (and really, shouldn't have to) between dangerous and safe
> > files.
>
> Give them an iPhone/iPad instead? ;)
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] No anti-virus software? No internet connection

[Dimitry Andric]

On 2010-06-22 11:28, Tom Grace wrote:
> What would you advise a typical home user do to stay virus/trojan/other 
> shit free ? Working on the assumption that they can't tell the 
> difference (and really, shouldn't have to) between dangerous and safe 
> files.

Give them an iPhone/iPad instead? ;)

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] No anti-virus software? No internet connection

[mrx]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I agree in principal, security does start with the user.

However, computers and connected computing devices with the advent of
locked down systems and cartoon like user interfaces, have become consumer 
devices.

These devices no longer require any knowledge of how they work nor skill beyond
basic reading and rudimentary hand eye co-ordination to operate. They are being
used by six year olds and grandmothers, IT security guru's and those with 
learning
difficulties.

This is true of the Internet also, it is a consumer playground.

Hardware, software and system developers have done a great job in making all 
this power
and connectivity available to those who can't or don't want to think. But a 
features first,
security second approach seems all too prevalent. It's only the stuff on show 
that sells!

Should the security of complex consumer devices be the responsibility of a 
potentially incompetent user,
or the developers of such systems who are fully aware of the failings in their 
target audience?

regards


On 22/06/2010 09:56, Christian Sciberras wrote:
> I completely agree with Tom. A good fraction of all vulns out there rely on
> the user taking the wrong action, and it's way common (just face the truth).
> 
> How many people install cracked OSes? I was once incredulous that a person
> willingly installed a virus because he claimed it was harmless (while the
> anti-virus shouted "trojan").
> 
> Sometimes I get to fix people's computers. I'm always amazed by the amount
> of crap I get in contact with.  Hundreds of browser toolbars, antiviruses,
> shareware, adware, trials, torrent clients, media players etc.
> That not counting the local IT shops which format PCs replacing (typically)
> Windows OS with a cracked one.
> 
> 
> 
> 
> On Tue, Jun 22, 2010 at 9:42 AM, Tom Grace wrote:
> 
>> In a way having a requirement that end-users take some responsibility
>> for their own computer is a good thing.
>> Similar to prosecuting people for fraud if they fall for one of the cash
>> scams.
>>
>> On 06/22/2010 05:37 AM, Ivan . wrote:
>>> yep, your tax $$$ at work
>>>
>>> Don't forget there Internet filter as well.. With these rocket
>>> scientist running the show, what's there to worry about
>>>
>>>
>> http://blogs.news.com.au/techblog/index.php/news/comments/finally_theres_protection_against_spams_and_scams
>>>
>>> On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka
>>>   wrote:
 They had a committee working on this for a year and that's the best they
 could come up with? HAHAHAHA.

 Belinda Neal - With idiots like you and your colleagues tackling this
>> issue,
 tax payers deserve to burn you at the stake. BTW... are you really a
>> du0d?

 --
 ciao

 JT

>>>
>>> ___
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>> ___
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
> 
> 
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/


- -- 
Mankind's systems are white sticks tapping walls.
Thanks Roy
http://www.propergander.org.uk
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBTCCFA7Ivn8UFHWSmAQKPywf8CmdPJvwibGI2f6/3dJKMo2glRAvGzWNi
9VY6cU0ymjEGdC53gcbz7pb/D60aotU5xu6LvSx4qqQLJnvjFl2yKPGleT8VVvP8
UUqe891ZLnWDtWTHrdhP8REoSdsdyuQpZisnvBmb7r4gZVdhnzZVaoZcF5okn5wI
Wm7XWrNFjj4fJkXCsv1r/3g2CDgRpHLDgTfd4xt5t2hqYUcnusjb9CO+6lRABtOW
sbBDXa3y4PTAzAkD0MdlIXmEzjQsGopkNKJt1Uw6X57h1rjg31KOjCZea+/S9ozn
0CedmA7DT257hJpKOssboP1LyaLyvmEhVwBfsu4eeH490TE18NKIZQ==
=pUSe
-END PGP SIGNATURE-

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] No anti-virus software? No internet connection

[Tom Grace]

What would you advise a typical home user do to stay virus/trojan/other 
shit free ? Working on the assumption that they can't tell the 
difference (and really, shouldn't have to) between dangerous and safe 
files.
AV software is pretty lacking, and the best advice I can think to give 
users is that "everyone on the Internet is out to get you"

Tom

On 06/22/2010 10:11 AM, Cor Rosielle wrote:
> Brilliant thinking. Let’s install anti virus and increase the computers
> attack surface without further thinking. That must be safe because
> politicians tell us to do so. And we all know that politicians always tell
> the truth and happen to know a lot about PC’s an security.
>
> Sigh. Tom has a point that end-users must take some responsibility for their
> own computer, but that doesn't mean that anti virus is the one and only
> solution. But if you think anti virus is the silver bullet to make this
> world saver, then dream your dreams and I'll dream mine.
>
> Cor
>
>
>
> From: full-disclosure-boun...@lists.grok.org.uk
> [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Christian
> Sciberras
> Sent: dinsdag 22 juni 2010 10:56
> To: Tom Grace
> Cc: full-disclosure@lists.grok.org.uk
> Subject: Re: [Full-disclosure] No anti-virus software? No internet
> connection
>
> I completely agree with Tom. A good fraction of all vulns out there rely on
> the user taking the wrong action, and it's way common (just face the truth).
>
> How many people install cracked OSes? I was once incredulous that a person
> willingly installed a virus because he claimed it was harmless (while the
> anti-virus shouted "trojan").
>
> Sometimes I get to fix people's computers. I'm always amazed by the amount
> of crap I get in contact with.  Hundreds of browser toolbars, antiviruses,
> shareware, adware, trials, torrent clients, media players etc.
> That not counting the local IT shops which format PCs replacing (typically)
> Windows OS with a cracked one.
>
>
>
> On Tue, Jun 22, 2010 at 9:42 AM, Tom Grace
> wrote:
> In a way having a requirement that end-users take some responsibility
> for their own computer is a good thing.
> Similar to prosecuting people for fraud if they fall for one of the cash
> scams.
>
> On 06/22/2010 05:37 AM, Ivan . wrote:
>> yep, your tax $$$ at work
>>
>> Don't forget there Internet filter as well.. With these rocket
>> scientist running the show, what's there to worry about
>>
>>
> http://blogs.news.com.au/techblog/index.php/news/comments/finally_theres_pro
> tection_against_spams_and_scams
>>
>> On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka
>> wrote:
>>> They had a committee working on this for a year and that's the best they
>>> could come up with? HAHAHAHA.
>>>
>>> Belinda Neal - With idiots like you and your colleagues tackling this
> issue,
>>> tax payers deserve to burn you at the stake. BTW... are you really a
> du0d?
>>>
>>> --
>>> ciao
>>>
>>> JT
>>>
>>
>> ___
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] targetted SSH bruteforce attacks

[bugs]

If you guys are interested I have a list of login/password combos they use:

http://vapid.dhs.org/ssh-attack-passwd.txt


> On 6/17/2010 3:21 PM, Paul Schmehl wrote:
>> --On Thursday, June 17, 2010 11:04:52 -0700 Xin LI 
>> wrote:
>>>
>>> Of course it's wise to disable password authentication and just use
>>> public key authentication.
>>
>> Why?  Ssh is encrypted, so you're not exposing a password when you
>> login.  How
>> does public key authentication make you more secure (in a practical
>> sense)?
>
> In the case of SSH password auth you are handing the plaintext password
> directly to any server you log in to. For many of us, this is basically
> any time we're expecting to contact that server for the first time from
> that client machine. For users who are willing to bypass a server key
> mismatch warning, they may be giving away their password every time.
>
> I know there's somebody out there who always verifies server
> fingerprints through an independent trusted channel before accepting
> them. I would like to meet this person.
>
> Often the same password is used on multiple systems (e.g.
> kerberos/active directory).
>
> However, if the client is configured to only use public key auth,
> accidentally connecting to a malicious server does not automatically
> give the bad guy your plaintext password.
>
> - Marsh
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] No anti-virus software? No internet connection

[Cor Rosielle]

Brilliant thinking. Let’s install anti virus and increase the computers
attack surface without further thinking. That must be safe because
politicians tell us to do so. And we all know that politicians always tell
the truth and happen to know a lot about PC’s an security.

Sigh. Tom has a point that end-users must take some responsibility for their
own computer, but that doesn't mean that anti virus is the one and only
solution. But if you think anti virus is the silver bullet to make this
world saver, then dream your dreams and I'll dream mine.

Cor


 
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Christian
Sciberras
Sent: dinsdag 22 juni 2010 10:56
To: Tom Grace
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] No anti-virus software? No internet
connection

I completely agree with Tom. A good fraction of all vulns out there rely on
the user taking the wrong action, and it's way common (just face the truth).

How many people install cracked OSes? I was once incredulous that a person
willingly installed a virus because he claimed it was harmless (while the
anti-virus shouted "trojan").

Sometimes I get to fix people's computers. I'm always amazed by the amount
of crap I get in contact with.  Hundreds of browser toolbars, antiviruses,
shareware, adware, trials, torrent clients, media players etc.
That not counting the local IT shops which format PCs replacing (typically)
Windows OS with a cracked one.



On Tue, Jun 22, 2010 at 9:42 AM, Tom Grace 
wrote:
In a way having a requirement that end-users take some responsibility
for their own computer is a good thing.
Similar to prosecuting people for fraud if they fall for one of the cash
scams.

On 06/22/2010 05:37 AM, Ivan . wrote:
> yep, your tax $$$ at work
>
> Don't forget there Internet filter as well.. With these rocket
> scientist running the show, what's there to worry about
>
>
http://blogs.news.com.au/techblog/index.php/news/comments/finally_theres_pro
tection_against_spams_and_scams
>
> On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka
>   wrote:
>> They had a committee working on this for a year and that's the best they
>> could come up with? HAHAHAHA.
>>
>> Belinda Neal - With idiots like you and your colleagues tackling this
issue,
>> tax payers deserve to burn you at the stake. BTW... are you really a
du0d?
>>
>> --
>> ciao
>>
>> JT
>>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] No anti-virus software? No internet connection

[Christian Sciberras]

I completely agree with Tom. A good fraction of all vulns out there rely on
the user taking the wrong action, and it's way common (just face the truth).

How many people install cracked OSes? I was once incredulous that a person
willingly installed a virus because he claimed it was harmless (while the
anti-virus shouted "trojan").

Sometimes I get to fix people's computers. I'm always amazed by the amount
of crap I get in contact with.  Hundreds of browser toolbars, antiviruses,
shareware, adware, trials, torrent clients, media players etc.
That not counting the local IT shops which format PCs replacing (typically)
Windows OS with a cracked one.




On Tue, Jun 22, 2010 at 9:42 AM, Tom Grace wrote:

> In a way having a requirement that end-users take some responsibility
> for their own computer is a good thing.
> Similar to prosecuting people for fraud if they fall for one of the cash
> scams.
>
> On 06/22/2010 05:37 AM, Ivan . wrote:
> > yep, your tax $$$ at work
> >
> > Don't forget there Internet filter as well.. With these rocket
> > scientist running the show, what's there to worry about
> >
> >
> http://blogs.news.com.au/techblog/index.php/news/comments/finally_theres_protection_against_spams_and_scams
> >
> > On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka
> >   wrote:
> >> They had a committee working on this for a year and that's the best they
> >> could come up with? HAHAHAHA.
> >>
> >> Belinda Neal - With idiots like you and your colleagues tackling this
> issue,
> >> tax payers deserve to burn you at the stake. BTW... are you really a
> du0d?
> >>
> >> --
> >> ciao
> >>
> >> JT
> >>
> >
> > ___
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] No anti-virus software? No internet connection

[Tom Grace]

In a way having a requirement that end-users take some responsibility 
for their own computer is a good thing.
Similar to prosecuting people for fraud if they fall for one of the cash 
scams.

On 06/22/2010 05:37 AM, Ivan . wrote:
> yep, your tax $$$ at work
>
> Don't forget there Internet filter as well.. With these rocket
> scientist running the show, what's there to worry about
>
> http://blogs.news.com.au/techblog/index.php/news/comments/finally_theres_protection_against_spams_and_scams
>
> On Tue, Jun 22, 2010 at 2:32 PM, Jubei Trippataka
>   wrote:
>> They had a committee working on this for a year and that's the best they
>> could come up with? HAHAHAHA.
>>
>> Belinda Neal - With idiots like you and your colleagues tackling this issue,
>> tax payers deserve to burn you at the stake. BTW... are you really a du0d?
>>
>> --
>> ciao
>>
>> JT
>>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/