Re: [Full-disclosure] Multiple Vendor DNS Cache Poisoning issue
>> amazing! what a great detailed advisory! a total of three vague >> sentences. you are an idiot. > But their website graphics is super cool! And it says "Security Over Simplified" after all. -- Thanks, Peter ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] New round of SSH scan IP's
> its not quite the best way, human resource-wise, > to get on top of these damn scanners :-| We've replaced the allow ssh access to all with an allow on a need basis. So most national IP-ranges, several foreign ones and some static IPs are allowed. All the rest is bumped. We have no customers in China, Korea, Russia, etc. It sure cut down on the number of scans we see. We'll probably add rate limitation on top. Client certificates would cut it down completely, but is more expensive to implement. It would also require everybody to always carry a USB (or something) with their cert. -- Thanks, Peter ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Google Tracking
> But this 'big brother' scenario is not the case in my opinion. At least > not now. That might be true. But the case is that somebody could. And we all know that if something can, eventually someone will. > The case is to sell more Adwords. The difference between intent and ability. Personally I find the extent of this ability rather scary. Specially as we have not yet seen the end of it. You can already upgrade your navigation package subscription with a feature that allows you to see where exactly your "buddies" are. This can (too) easily be extended for different purposes and combined with other data sources. Anyway, personally I see a HUGE risk that does not have it's precedence in history. Remember that governments increasingly court-order access to communications infrastructure and are spending billions on intercepting and searching all global communications ex. Carnivore and now Echelon). At some point some official will wake up and think "What a neat idea! It's all there!" And of course criminal organizations are likewise interested. Then even more, THE Google keyword is selling. They already sell censorship technology to at least China. What would stop Google from selling the combined collected surveillance data on Chinese citizens to the Chinese government. Yes you can throw up smoke curtains and hide your tracks and some will, but most won't. And that would effectively stop social reforms dead in it's tracks as that's a thing of the masses, not the "elite". I even doubt there is legislation in effect that is able to deal with the type and scale of privacy risk that is being whipped together here. I'm not even sure anybody is fully aware of what is really happening behind those curtains. And when things blow up, "I did not know" can never be an excuse. -- Peter ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Month of Random Hashes: DAY THIRTEEN
Ronald MacDonald wrote: > God's sake, that's enough already! Luckily you quoted them in full, adding even more. It can't be long before someone lame enough will launch the month of hashes of random hashes. -- Peter ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] [Fwd: MOST URGENT]
> > recently died of Colonium-210 poisoning under mysterious > > circumstances". > Colonium my arse! Well, Colonium-210, maybe something like Chanel-5. Is for the cheeks too, though you're talking about the other cheeks... Peter ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Blocking Skype
This line is not necessary since standard squid.conf contains this line: That has nothing to do with the proposed configuration. No serious squid implementation would have a standard ACL list, so every serious admin would rewrite them. And if you are serious you have some sort of convention for names. His was obviously "connect" instead of "CONNECT", like ours is "Connect". The proposal was none the less correct for it. so simply use the uppercase version (squid does not check upper and lower case in acl names) I would nevertheless to case matching in actual configs. Respect :O) Two typos in just one line. With CONNECT mentioned above: No, the "connect" was certainly not a typo. But indeed the "http access" was. > BTW: I'm sure, it will break a lot of other things but skype, too. Do you mean "I'm sure it will break a lot of other things, but skype too.", or "I'm sure it will break a lot of other things but skype."? I guess we all mak typos :>) > BTW: I'm sure, it will break a lot of other things but skype, too. That was pointed out first by the original poster himself. And I agree with him that most of those "other things" are likely intentional too. If indeed legitimate sites are found to be hindered I would prefer to make explicit ACL entries for those, or notify the remote admin we are unfortunately not able to access their website. > 2cent Hmmm... -- Regards, Peter ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/