Re: [Full-disclosure] The war in Palestine
Just for that, I think I'm going to download some multigig torrents, and then delete them. After seeding for a bit of course, anything else would be unneighbourly. Ease up. We already get enough chaff on this list (including this thread) without getting into some debate about how every character we type is part of some global conspiracy to drive up energy consumption. --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire If computers get too powerful, we can organize them into a committee -- that will do them in. - Bradley's Bromide On Sat, 2009-01-03 at 12:00 +0100, Fabio Pietrosanti (naif) wrote: First learn how to anwer to mailing lists without wasting precious bandwidth doubling your signature. Do you know that consuming bandwidth means consuming more energy and that consuming more energy means empowering global conflicts and wars for the energetic resources? Even if you don't know, you are doing exactly what multi-national corporations wants, wasting bandwidth to waste energy to increase energy conflicts to sell armaments for wars. Think about it, it was just a bunch of bytes of your doubled signature in an email. Which is the increase of potential damage for the entire world? -naif Handrix wrote: Oh My God, I can see how you've been brainwashed. don't care about media stories, ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ signature.asc Description: This is a digitally signed message part ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Need some help with management
Hi Daniel, There are a great many reasons why this is a bad idea, and I'm sure you actually know most of them. If your management isn't buying the rationale behind not allowing untrusted systems on the network, my suggestion would be to put them on the spot and ask them to absolve you, and your team, of any responsibility for that system and resulting security/regulatory incidents that arise from it being unmanaged. In writing. Then place any/all ACL's necessary to prevent domain systems from connecting to, or being connected to, by that system. Of course, I'm rather dying of curiosity as to why they feel a simple file server shouldn't be managed and secured by the IT group. That's just... odd. Cheers, - Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On Thu, 2008-05-22 at 09:51 -0700, Daniel Sichel wrote: My management here wants to put a server on our LAN, not administered by us (the IT department) and use a share on it to serve files and data to our workstations. They do not understand why having a server with a file share that is NOT part of our secure infrastructure represents a threat to the computers accessing it. Keep in mind this is an all Windows network. Sooo, if you guys can succinctly explain why having a trusted computer trust an untrusted computer is a problem, that would be helpful. Keep in mind we are talking to management here. It’s kind of like trying to explain why, when you are in the United States, it’s a bad idea to drive on the left hand side of the road. It’s just so basic it’s not documented anywhere. So, please help me explain why netbios and file shares on machines not within your network are bad ideas. Thanks, Daniel Sichel, CCNP, MCSE,MCSA,MCTS (Windows 2008) Network Engineer Ponderosa Telephone (559) 868-6367 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ signature.asc Description: This is a digitally signed message part ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] n3td3v has a fan
Razi, at this point you've pretty much gone over the line. I'd consider calling him a lot of things, but spammer isn't one of them. You're definition of spam is not a generally accepted one, and shouldn't be used to describe what n3td3v does. His emails are hardly bulk, and are directed at a list of users who have *subscribed* to FD. If you aren't willing to tolerate or at least deal with the noise level, you should find a moderated list. So long as FD is unmoderated, there will be wide range of topics posted, not all of which are immediately pertinent to a disclosure of a vulnerability in code/applications/sites. If you don't want to see the noise, filter it out and stop responding to it. - Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On Tue, 2008-04-08 at 00:49 +0300, Razi Shaban wrote: Spamming is sending multiple emails to a mailing list or usenet group promoting something - in this case, the n3td3v agenda. Multiple emails... check. Mailing list... check. Promoting something... check. -- Razi signature.asc Description: This is a digitally signed message part ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] What's going on about Pangolin
Why should he show the source to his work? To allay valid concerns of the intended users. With some of the discussion at this point, it would certainly benefit the author if he wants to gain wider usage and discourage uninformed opinion. --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On 28-Mar-08, at 10:38 AM, josh wrote: Why should he show the source to his work. I don't see him selling it, he isn't twisting your arm to use it. He released it for free. Either use it or don't. Sent from my BlackBerry® smartphone with SprintSpeed -Original Message- From: Andreas Selvicki [EMAIL PROTECTED] Date: Fri, 28 Mar 2008 10:25:25 To:full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] What's going on about Pangolin Let's see the source please. On 3/26/08, [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: I've just read the discussion from here, seriously, I don't know what's going on. I've coded it since 2005 and never release it until this year. And I really do not know why it be treated as a backdoor. If you think it is a backdoor, so please do a reverse engineering on it. You can capture the network packet, you can list all the strings in it, even you can hook APIs in it. Do anything you like to make sure whether it's backdoor or not. BTW, I packeted it through UPX to reduce the size. And some people focused on http://www.nosec.org/web/index.txt http://www.nosec.org/web/index.txt , which is used in ORACLE injection mode when the target database is in intranet so we can use some store-procs to make the target to visit our website then we can receive the internet address that is mapped to outside. Anybody who is good at oracle injection should know this. Really, I wanna know why!!! div class=w134 2008年薪水翻倍技巧 http://doc.go.sohu.com/200802/5e1b674ab8183f3db8baba 8ee4c6dd53.php *用搜狗拼音写邮件,体验更流畅的中文输入gt;gt; http://goto.m ail.sohu.com/goto.php3?code=mailadt-ta ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ PGP.sig Description: This is a digitally signed message part ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Free Tibet..
Jerome, I find it odd that you would tell someone to ignore a media source and then not provide an alternative. While there are plenty of reasons, and good reasons, to be suspicious of western media, the facts speak for themselves. - There was violence in Tibet and a lot of protesters died. - The Chinese government said they did send in security forces but they didn't kill anyone and their forces weren't even armed. - Independent sources in Tibet, which are remarkably hard to find right now, managed to get information out. - The Chinese government fesses up days letter and says yes they killed people, and yes their security forces were armed. Just what is it you were trying to refute with this post to the list? -- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On Tue, 2008-03-25 at 13:31 +0800, Jerome Jar wrote: Please, I humbly think that you know possibly nothing about Tibet, the province of China. A lot of Chinese people, who used to take western medias as the representation of good will and perhaps democracy, do feel sick of the misleading news article pieces produced by such medias on this very topic of Tibet. If all of your knowledge about the Tibet event comes from such sources, just ignore them. On Tue, Mar 25, 2008 at 8:57 AM, Gerald Maggro [EMAIL PROTECTED] wrote: ..with purchase of one country of equal or greater value? Seriously though, those cocksuckers in the Chinese gov't are at it again... wait, they never stopped. Murderous freedom hating ways. Just not right. How about a bigger target than Scientology this time? China's got the Olympics coming up, that makes them more sensitive than usual. The Dalai Lama can be as peaceful as he wants... more action is needed. Alot more. Anyone want to pick a fight with the Chinese? signature.asc Description: This is a digitally signed message part ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Free Tibet..
Nah, there are a number of blogs and non-Western sources that are providing much the same information. Check out the English Al-Jazeera site for examples. Hardly a news source that is 'friendly' to Western interests, and definitely not a puppet like Fox or similar. There are also a number of video's up on Youtube. -- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On Tue, 2008-03-25 at 08:57 -0400, Kern wrote: Jerome, I find it odd that you would tell someone to ignore a media source and then not provide an alternative. I think the alternative sources of media are in Chinese. On Tue, Mar 25, 2008 at 8:41 AM, Tremaine Lea [EMAIL PROTECTED] wrote: Jerome, I find it odd that you would tell someone to ignore a media source and then not provide an alternative. While there are plenty of reasons, and good reasons, to be suspicious of western media, the facts speak for themselves. - There was violence in Tibet and a lot of protesters died. - The Chinese government said they did send in security forces but they didn't kill anyone and their forces weren't even armed. - Independent sources in Tibet, which are remarkably hard to find right now, managed to get information out. - The Chinese government fesses up days letter and says yes they killed people, and yes their security forces were armed. Just what is it you were trying to refute with this post to the list? -- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On Tue, 2008-03-25 at 13:31 +0800, Jerome Jar wrote: Please, I humbly think that you know possibly nothing about Tibet, the province of China. A lot of Chinese people, who used to take western medias as the representation of good will and perhaps democracy, do feel sick of the misleading news article pieces produced by such medias on this very topic of Tibet. If all of your knowledge about the Tibet event comes from such sources, just ignore them. On Tue, Mar 25, 2008 at 8:57 AM, Gerald Maggro [EMAIL PROTECTED] wrote: ..with purchase of one country of equal or greater value? Seriously though, those cocksuckers in the Chinese gov't are at it again... wait, they never stopped. Murderous freedom hating ways. Just not right. How about a bigger target than Scientology this time? China's got the Olympics coming up, that makes them more sensitive than usual. The Dalai Lama can be as peaceful as he wants... more action is needed. Alot more. Anyone want to pick a fight with the Chinese? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ signature.asc Description: This is a digitally signed message part ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] what is this?
Probably because Gadi is at least close to on topic whether the majority of readers appreciate the posts or not. -- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On Wed, 2008-01-16 at 20:19 -0600, reepex wrote: On Jan 14, 2008 3:46 PM, Gadi Evron [EMAIL PROTECTED] wrote: I did not look at the malware, but it is pretty obvious you have been compromised. Because you do not have the skill necesary to do so. Linking also to my original article here: http://blogs.securiteam.com/index.php/archives/815 blah blah i have nothing useful to say but I am going to spam my blog that no one reads. Why do we let gadi spam but bitch about the guy spamming to defend his business? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ signature.asc Description: This is a digitally signed message part ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Secreview re-review of quietmove ( F ---)
Regardless of whether your intentions are good or not in performing these reviews, one thing is crystal clear. In order to perform these reviews and have them accepted by those who would actually read and depend on them to a degree, you need to have established yourself as a credible source and have a good reputation. With that in mind, I think the vast majority will continue to rely on word of mouth from peers, or well respected and long standing companies such as Gartner or even Dark Reading. In my not so humble opinion, you will not establish yourself as a credible resource by engaging in petty disputes and mud slinging on FD. Worse, it becomes more and more apparent that this is essentially an attempt to drive interest to your blog. I don't believe any serious company would engage in the behaviour you have to date, so both your motives and your method are in question. If you genuinely wish to be taken seriously and treated as a credible source of information about other security vendors, I'd consider starting again from scratch and develop a better method of attracting professional interest. The key is to attract the attention, not try and push your product down throats. Another quick lesson : if a vendor doesn't provide you with information, the correct thing to do is simply note that you were unable to review their product or services, and why. To still attempt a review with seriously incomplete information and then give a low score is irresponsible at best. -- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On Jan 2, 2008 11:08 AM, SecReview [EMAIL PROTECTED] wrote: Hi Adam, We've said this before and will say this again, this time to everyone. We would be more than happy to give your company (QuietMove) a better review if you'd enable us to do that. So far you haven't helped us to effectively review you at all. We tried to call you before our initial review, but never got hold of anyone. We also sent you an email before writing our second review, and you never responded to any of the questions in that email. If you'd like us to do a better review then provide us with the information that you think we will need to get the job done. Our current review is the product of your website, emails that you've posted to this and other forums, and your reaction to our first review. We haven't been able to find anything related to major accomplishments by you or by QuietMove, we haven't seen any sample reports, and we haven't received any answers to any questions about your methodologies for service execution and delivery. We even think that our current review might be too harsh, but can't change anything without more information. If you want us to change our review, we can do that again and we can do it in a non-biased way (regardless of all the rants and noise). We need you to tell us about your service delivery methodologies, your reporting methodologies, how you define specific service offerings, what markets you play in, and if possible sanitized sample reports. We won't publish any of that information directly, but we would use that to produce your next review. We want our reviews to accurately and truthfully reflect the quality and professionalism of the providers that we study. (In fact, if anyone has any suggestions as to how we could better rank security companies we'd be more than happy to listen and consider those suggestions.) Hope this helps. This will be our last email about QuietMove unless you request a redo of the current review. We will only redo the review if you are able to provide us with accurate information to help us get it done. We think that you should do it, because we think that you can score much better than an F+. (You're clearly not an idiot and you do have at least some experience.) -the end. Regards, The Secreview Team http://secreview.blogspot.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Google Sacure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 So their sql server fell over. Shit happens. - --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On 25-Oct-07, at 1:19 PM, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: How can security companies protect us if they can't even configure their shit right? http://www.sacure.com/news/index.php Warning: mysql_pconnect(): Access denied for user: '[EMAIL PROTECTED]' (Using password: YES) in /home/content/s/a/c/sacure/html/news/snews.php on line 457 Warning: mysql_select_db(): Can't connect to local MySQL server through socket '/usr/local/mysql-5.0/data/mysql.sock' (2) in /home/content/s/a/c/sacure/html/news/snews.php on line 459 Warning: mysql_select_db(): A link to the server could not be established in /home/content/s/a/c/sacure/html/news/snews.php on line 459 There was an error while connecting to the database. Check your database settings. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iQEcBAEBAgAGBQJHIPLOAAoJEKGa22zRy9WCSmYH/io6r6afUMPqwN7dxaCeGTN+ Ct7MzUh4TfBlNtGE+bZ5PFsEl9amnA1LBFemCaEGCmZe3av54cjFr28b7k7D4VIT Mlh+UfY3PqAEjw2tUDbsmuPSvka1PhpcC7LzbmbWy/oqPwSwURiQdug/OEzlalxL AzeBbrO5zgAWM4Yn7RfdnQ2xZu+knrNR22+NolkVOm7L6hnS+TDv1v6uJPM6qE/Y K1aqL1hRDe8PwF5hOxfV7wQJUQHZUIINvpgQdc1G+Opx/ve8YSz0iHVWB+mi1jI4 4Ugx6ByohQXOAfuzlHCpViYI/48ZMDO//0hxyCK1JbrW73f1spZQ+d2O1+AUW28= =gYUR -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Google Sacure
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ... I take it all back. You were right :) Heck, you'd think *any* company would notice. - --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On 25-Oct-07, at 3:53 PM, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Fell over a few months ago. They're supposed to be a security company... you'd think that they would notice. This is G o o g l e's cache of http://www.sacure.com/news/index.php as retrieved on Aug 22, 2007 08:14:11 GMT. On Thu, 25 Oct 2007 15:47:25 -0400 Tremaine Lea [EMAIL PROTECTED] wrote: So their sql server fell over. Shit happens. --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On 25-Oct-07, at 1:19 PM, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: How can security companies protect us if they can't even configure their shit right? http://www.sacure.com/news/index.php Warning: mysql_pconnect(): Access denied for user: '[EMAIL PROTECTED]' (Using password: YES) in /home/content/s/a/c/sacure/html/news/snews.php on line 457 Warning: mysql_select_db(): Can't connect to local MySQL server through socket '/usr/local/mysql-5.0/data/mysql.sock' (2) in /home/content/s/a/c/sacure/html/news/snews.php on line 459 Warning: mysql_select_db(): A link to the server could not be established in /home/content/s/a/c/sacure/html/news/snews.php on line 459 There was an error while connecting to the database. Check your database settings. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iQEcBAEBAgAGBQJHIRJpAAoJEKGa22zRy9WCcWAIAOSMaeFVyOfMxwxPqJzcn8zg 3m4HeoChbo9GT7HbwPltkswLURvotcan7ZRr4vCgSGtnYKxSkMbmJ3WTMfmNI/YD fnk5GZ1KGeWXQrMgndxA9b42Hbh7tpoLq9FdP7Uq+PgESD94Z4N+t977CgE+Fusi bbfqpjzKdCaXPv0BZoicg5KY1OFhtkLsg3qM4Fgkf6IC88kMO1OPJAfihNgn1mtv TLuRYZzVlBDLcIAetGwgKi4HHlkxZI/vm443vtz1MDJL9vPKxlh6GEjg9ZS6AqBU LQ8eP+tEpqLHsMSL0ZQbvJ/ZPDBchEqQExShb8yjpIg7ei8KN1eDyQSPpA0cieI= =GEPK -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] 0day: PDF pwns Windows
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 That's been disclosed already, but thanks for your $0.02 USD ($0.02 CDN) Cheers, - --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On 21-Sep-07, at 5:40 PM, h4h wrote: Jeez, what a bunch of whiny pussies. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iQEcBAEBAgAGBQJG9F1TAAoJEKGa22zRy9WCBqgH/3rx3uiZU7USUJP96nWJXrg9 3jsHq6TkAIkE5hlJbNePsMCTKL9DgbPSRyD7sg2m9J9yf59rGCOEOmsvkEutFxGi kYDdizGijl1aYQlqDYRztANjENdpJW0lGCsfjEEB51hIzBq6wC+o/hAZe/QTcHnT MTUVQA0+/92o1pTqVeRRkG+T6tl9EgPLbhyJXHwtTJwWPtEg0EQcxGOz4W1ODOf6 Vw2vnGv/nR/DycOvVMHRt5IxjPKJkkXBHdx2TTgJH9+CQ021PUjG4xwgJO7qkAoy Jdg5v2yzKHGwYOeRr98jh3jvh7Lh5om+PMFv+WTXD1QY6ZpSx+bxUUrCvUTmkug= =f+bR -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] What does everyone make of this
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 14-Sep-07, at 2:01 AM, Richard Cranium wrote: You know... the earth tilts... Richard Cranium Pfft. Everyone knows it's flat. You've been playing with too much octarine! - --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iQEcBAEBAgAGBQJG6k0SAAoJEKGa22zRy9WCLKIH/j84DiuhB3jPxIZrI2Ai1b4d 6jYkybQoF9dWLIxLoSMBP3QZg9/Gza93GhyVPjKTF6L26piCVErsSEEbsGhxNtA2 hvOE58p/k5OryW+w0cq519Q40C+MvNbFanlGPjl0YNsVDeg0tv4wiPtn35v9FZuw /v/Wgg0vZNRKkVOyChmyCRu8RrHEbLOlKqAOgaENxvNLKQ0e5Os5LYRXSY6aOV33 kZ+0RlY7WmycDsiPklT2sm8xndoMqQPlR7baATBNssC9KuXyHgCvfIEJgck/S4dz 8XB5VdZfej68OJRMDgnkxkburM2x1bq1jhVZ95bb+W6faNr7IdxYv9lamZ9hdJs= =f23E -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Unreal: a movement to block Firefox
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11-Sep-07, at 1:12 PM, Juergen Fiedler wrote: On Tue, Sep 11, 2007 at 11:58:24AM -0400, mbs wrote: [...] I don't know about anyone else, but I happen to pay for my internet access. If I choose not to waste my bandwidth (and my time) with unwanted content, I would suggest that is my right. This is not going to be a very popular opinion, but I submit that the only honest way to exercise this right is to stay away from sites that serve content that you don't want to see. How will a user know what content, precisely, is on the site without visiting it? You seem to be proposing that we should blindly trust the other side until proven otherwise rather than proactively protecting the system. By serving ads on a site, the owner implicitly demands viewing them as a form of payment for the content they provide. While I think that blocking all Firefox users from a site makes very litle sense, I can entirely disagree with the conclusion that blocking ads from ad supported sites is uncomfortably close to theft. Just my two cents... -Juergen These sites would be better off finding a way to ensure the advertising content has loaded before the site content is provided then. As someone who administers perimeter security for a large enterprise, I could care less what these sites *think* they are entitled to push on users. If their content (or advertising) matches our filters, it gets blocked. Besides, taking action based on information provided by the client side has been considered a less than intelligent practice for some time ;) Cheers, - --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iQEcBAEBAgAGBQJG5wUHAAoJEKGa22zRy9WCx+MH/iffBtxkEKo5GkzaHRt9ZpA9 2b7F5okrq9GRLSyp4Bsmj8uZa320XBvrDeJfgnN0EXyR87eP65lQSuSEkTVfkFjb 61ofo/tMcR8/HFMJMklRz3YZRHG7Nl6h08QOGAsYxXu4yOMH63Bl+OHryrmHMN58 HUyffxfNvrMwKWbIWlEYWOVs3yhMH7I5P5m2nsJYwuK4G8e8hsmXLGvh3FezQAnG wpZSIRczRH7+PGO3h8ubyKLX8EJKP9O0zRMHDWLSEUhYXlhmW6Okl+SsRYAfGQez pRRn7tEjqrPw1JcLSkqkcBq+IsIfViNWk0HQnpyl+poBxwLbodB/vfFm6EMlhmU= =gYdp -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] 0day for sell
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Juergen, This is a list for disclosures, not sales. Hence the name of the list. Cheers, - --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On 20-Aug-07, at 8:09 AM, Juergen Marester wrote: Hello everybody. Im new in this list and i let a message because i am selling some 0day, vulnerabilities and exploits. Please let me message by mail if you are interested. I worked on linux, HP-UX and Windows, and I have some 0day exploits on theses OS : local remote, Sendmail and Apache for linux, IIS, Office for Windows, and many other vulnerabilities. Regards, Juergen Marester. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iQEcBAEBAgAGBQJGyacKAAoJEKGa22zRy9WCx2cH/i+s3YOmya2JX53+PwX+c8Tv hiJHOKdkUn53trE/bComezN05s83kB/OyIxsXCs282vUKmep735PV6e0hypD4aWh dYZO6QnR/fB4758Fkco1WNsAdGtcWruupkqfD7o4aArwCI8R1cpD4VGwEUQTWV2P piuzZQw3VtMi4o0Uf/DwJSxZjgb4Fv6kQhwdhD4i4gbXZvSbz5sQej8LIFi2+9Ll avPVegVyPT54Q1Stm3eY/86Bgt8A20wD19xDtZTdcEwnIFcBEDH1NRSFgZwIMizW fjFGQJwk6cDgAvthKBt9/fHGvzK0YciyJwoqJyUliHygsbTp9CotNySiAXB+x3k= =lc9j -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 $1-10/hash, and I'd actively seek/support an open source option. - --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On 30-Jul-07, at 1:09 AM, n/a n/a wrote: snip Let's also imagine this service becomes commercially available. Even though DES-based crypt(3) is outdated and obsolete, its use is still widespread in typical large heterogeneous IT environments. So I guess this service would interest lots of legitimate clients such as pentesters, government agencies, IT departments in large companies or universities, and the likes. How much would you value this service ? Would you pay $100, $10, $1 per hash to crack ? Would you require anonymity to use the service ? -XRR -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iQEcBAEBAgAGBQJGrdUSAAoJEKGa22zRy9WCRDYIAIZgq4FjxYJzeJ9vTyZqKuKk jX+m9wKyWwLeJ429Qd5XYOA+U5TPr6IVPKI4/3Wi2vzKDaZTKdXn7nZQsVSWWk/R qpbmrWMXtSteKTXqilk78tQmuYjWmvqXQ7uiR3NvXTPGJtJB/HWJpt0W14rvuzB9 6/y7e0f9YeUkj/ZEtDiv4O607uZtueqyIL8izUBezRcDUPNAB+0ZMV+uMAApdZrq et2gCcO7vO03l7f9IBlQjWPExlaWLCYYIy6cqdVaNB9GljG4peY/KqdAILKqPw86 24Qz+UdYc8e20LzDsmUeXAMhxI2NQG3dJajsgCIIWkf6Ao5fvaLjNxAt+gS4nyM= =hb88 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Hash
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 27-Jul-07, at 7:49 AM, [EMAIL PROTECTED] wrote: On Thu, 26 Jul 2007 18:23:37 MDT, Tremaine Lea said: Apparently you've never heard of a mail administrator tagging outbound email for all users. It's pretty common. Of course, you may lack the experience of dealing with large companies. The fact a large company does it doesn't make it any less stupid. And you think a large company could afford their own mailserver rather than making their people use Gmail (now wrap your head around the concept of confidential mail anywhere *near* a Google-owned server... ;) I was as amused by that as you. To pick up on a part of the sig that Nick didn't rip into publicly: and delete it from your system Presumably, Tremaine, in his self-claimed role as Security Consultant *and* Paranoia for hire, realizes that it quite likely sat on my site's main mail server for anywhere from several seconds to several hours (in fact, there are probably copies on *3* different servers in our mail cluster) - and that until some *other* piece of mail happens to land on those same blocks of storage, the text is quite easy to recover by any decent computer forensics practitioner. Yes, I do realize this. Duh. On the other hand, actually going in and overwriting the affected block(s) is quite challenging, especially when it's a 10 terabyte mailstore handling several million messages a day for 100K users. We'll be happy to do it - *IF* Tremaine's company is willing to indemnify us for the downtime. Why would I (or the company I contract to) be interested in what you do to delete Sergio's email? So there's 2 possible outcomes here: 1) The request has zero legal standing, and Tremaine's company is relying on the kindness of strangers rather than using PGP or S/MIME to actually secure their mail. This sort of thing is usually called lack of due diligence, and I don't think any company wants to be flaunting it. Speaking of due diligence... I'm pretty sure literacy and following a trail of information is basic to this field. As you've clearly missed, Sergio has nothing to do with me, the company I work with, or ... hell, who knows. I don't know the guy from Adam. Or you. 2) The request *does* have legal standing - in which case Tremaine's company may indeed have some liability to pick up any and all associated costs. Again with the not being able to follow the bouncing ball. Particularly interesting is the legal question of what happens when a please delete all copies request is attached to something that's sent to a company that is required to retain copies of *everything* for regulatory compliance (as is true for some financial-sector companies). That's the only really interesting thing you've contributed, and it's a good question. Any one know of any court cases on this? - --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iQEcBAEBAgAGBQJGqgm0AAoJEKGa22zRy9WCEvgIALax083+iHxWUphyIh+aXg7+ d9oqyw8CRe6iZ5Fe6GKYh1RHXO07PrJAx3kttMUyzvsIEupwsVmQdFtdzyGm7wPu U1MRBPMFV9pIMhr6BF5Q96mYLmNf8dRvmMCIAoEoo1HmXRp3KocKzliLd3RqNJ6G 7Rsp+WOtpZJHnX4O+2Hn2EVAjIZTP3kZ7wko7FNVUTQcTe703/Cx9h82eGDgVmVZ zaasGUsEX2Y9hgvPPFYdNebnX8EihkFZ1FjaLKpyXzl2aLBTGsmFKtoK0KdbS93Y YwgMPiDByvXKNqTCR1Ehzl9c/Y6KVUMgR34jyFs9OQCr8/Cr2ePKZ5WGdT+YCxk= =bgWU -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Hash
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 26-Jul-07, at 7:17 PM, Ronald MacDonald wrote: On 27/07/07, Tremaine Lea [EMAIL PROTECTED] wrote: Apparently you've never heard of a mail administrator tagging outbound email for all users. It's pretty common. Of course, you may lack the experience of dealing with large companies. Have a nice day. - --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire In truth, as the aforementioned Network Security Consultant be able to tell us, Google mail signatures can be edited before sending out the email. Nick's got a very good point, and it'd have been very easy for Sergio to remove the sig. Regards, Ronald. -- Ronald MacDonald http://www.rmacd.com/ 0777 235 1655 Sure, it's possible. Possibly Sergio is lazy. As he sent it via gmail's auth smtp servers and not from webmail, it's just as possible it happened in his mail client. And all of that aside, who cares? We see signatures like that all the time on mailing lists. It's pretty obvious they're useless in this context. - --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iQEcBAEBAgAGBQJGqUrFAAoJEKGa22zRy9WCKNMIANjtxEAQto3Nf3vKcU6NyFZC BIHOZDCjIl63dSJh75ZlLtiwLio8pCEYnlKwqdIzetgMvAHNAwMTGm6rjSi3QIaF 05BVstEhVDSLaj1ATrJ38y9WMXTtJRVFfA6lLvVe9o2DE2P8Ec6RdxDTPyMG479I 9qFVMp9mZKmxZUiKxMgFl4c5zNWGpZ1JThUY/ZWUEzlnVDwc8jIqgmO5ENwdy7bY lufy9fMNIom5tpc6VEc3GBUl45r263pkMGQmumU5lnguM4V17hJQrJrE0GJvBmry Ut6c2OimKn2iveQ0TC7dmSOHT4EB0y7abi4tzwUy2DLYsMpoEIslJPiRcSSbnwU= =kOFu -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Hash
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This message is confidential. ... Yet you wilfully and knowingly posted it to a public-access mailing list with tens of thousands of subscribers and that is well-known to be archived in many places across the net? You must be a prize moron... Actually I think you might be the one taking the prize ... It may also contain information that is privileged or otherwise legally exempt from disclosure. ... ...who can't afford a lawyer with half a clue, and will now never be able to meaningfully defend any kind of accidental Email-borne disclosure of anything, as you've just admitted, on the public record, that you are too stupid to tell if something is privileged or legally exempt from disclosure, THUS your only legally defensible position regarding such material in future is to ensure that you never handle any of it, but as (by your own admission) you cannot tell what that it is, you must cut yourself off from all information, a clearly impossible task. In short, you've put yourself in the paradoxical position of being both knowingly and negligently responsible for any and all improper disclosures of any and all sensitive material you should ever happen across in future. Good luck ever getting hired again -- it would take a seriously stupid employer to take on such a liability as you! snip of more blithering Regards, Nick FitzGerald ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ Apparently you've never heard of a mail administrator tagging outbound email for all users. It's pretty common. Of course, you may lack the experience of dealing with large companies. Have a nice day. - --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iQEcBAEBAgAGBQJGqTsKAAoJEKGa22zRy9WCMIkIAIx8CPQoQiqMvg2fFCsQEg5Z MCEqoWgec4zsr/Ev+XG3I6h8s5G2pt9CzIaTUiz+2CkqZaaIiyQg3C3OebMp7Qhg ZrJ3Z/c0BB2UJIqNudO8Zwc/aU10SXkDhugfVZLyN9MJ6L7cPNAROaIf59MxIgxV wQU6N5fKLfC1CvsqoAsVDF86j6NUb8q3oS9Xw7ViaAdykxizSHbM9m5XW1KbuaCJ rlCdOn93cDx8K3U61nJ+47Shw5cZjKABup0mD9EUPWmcGwGX1tvgj8/S6yWqIsBP 0Pd+ncapKWj60Sd4NUDFBmd9M8nRcl6xlnF2DBdjSoSGMKlbJFBxKEcoYOdQtFA= =7zmM -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Hash
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You're kidding. You must not have been receiving the list in the last 24 hours then ;) Cheers, - --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On 26-Jul-07, at 9:16 PM, [EMAIL PROTECTED] wrote: I've heard of grammar Nazi's lurking on lists, but now we have signature Nazi's too? Haven't you all got something else better to do like finding an exploit or something rather than bicker over something that amounts to little more than a tag line? Cripes, this has to be the stupidest argument/waste of time that I've seen in a while. Geoff Sent from my BlackBerry wireless handheld. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iQEcBAEBAgAGBQJGqWbFAAoJEKGa22zRy9WCzPIH/RGviCYpRrOaYQu/ivR3tW5J a4XGm8akRfWdNqhc+VkQGLjQMcaov/MGiwjS9WDqk5P38jt65jyjJVWjyk3MkS3i HafRxNBsl0cyhzsbSKErUDskM5kfFwoayUaFP8yxJ4COYyLEOxzR+1mHPdnlvVed qTo1zug79sbR1zrDiqMkuyp/M77ZYTCCiQjHpOaXv1sbNKfmF2UY4dymR1mG/XhE D5RlAwKEl9nt8/lJqeEX6SprGUjqiPZtNbGEl5QLKLDDHOaRrX7287jprg2bK5ge XgYBlCiY88OqIFGruSCFk5baiuBO0p6PW64aRbPA6exk2UC/V+atqnx7T0vpS6Q= =Z818 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Hash
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 26-Jul-07, at 8:52 PM, Peter Besenbruch wrote: Tremaine Lea wrote: Sure, it's possible. Possibly Sergio is lazy. As he sent it via gmail's auth smtp servers and not from webmail, it's just as possible it happened in his mail client. And he still could have, and should have edited it. I don't disagree. It would appear he definitely had the choice since it doesn't seem to have passed through a corporate mailserver that enforces it outside his control. And all of that aside, who cares? We see signatures like that all the time on mailing lists. It's pretty obvious they're useless in this context. Useless in any context. Sigs. like that are very unprofessional. Even if I know they are nonsense, such disclaimers come across as mildly bullying. -- Hawaiian Astronomical Society: http://www.hawastsoc.org HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky Useless, yes. Unprofessional, also yes. But no more so than the long winded reply that followed it. I'd actually argue that annoying bit of easily ignored text was less intrusive than the reply from Nick Fitzgerald. I'm not sure about everyone else here, but those legalese tags at the end of emails on lists register about as much as the ads on webpages. They don't. - --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iQEcBAEBAgAGBQJGqWJfAAoJEKGa22zRy9WCA4cIAKiFs/73n+tXkJhv/RiB90j5 kWOooPuzXQWtadHAIU52e8ZGsOPmdZBH1iNl+CIOmJVGdcLpuLGpacQVZjlTrbzP d13RAoixHVX+OFbwhucmlKPPKt1YsCwJHcM2xUPfG+BlTPbKQ5+qTO6Z21fa7tjP 0e8mo1GRK1hAGOmY1F+0OYPrT5G7GKXERh6p8v+guPisHtCB/NpW1do8D8uoBrI1 FVTLS2b9Stgnslbo/hKWrd66jvzCE6rGeoyZWHanFBfy54MB7PzJV5ag9K2eTx0P SUOPD2n9dSIY0rRDL6QU1O9EyF9C+BBMn738Su5kvPhhUzJ0WjL2zD7tNWIjlbQ= =SpEd -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Wachovia Bank website sends confidential information
On 10-Jul-07, at 7:39 PM, Jim Popovitch wrote: On Tue, 2007-07-10 at 20:20 -0400, Bob Toxen wrote: VI. VENDOR RESPONSE The vendor (Wachovia Bank) was notified via their customer service phone number on June 25. We were transferred to web support. The person answering asked us to FAX the details to her and we did so, also on June 25. We explained that we were reporting a severe security problem on their web site. Severe? All that seems to be leaked is a person's Name/Address/SSN number and some other details. While this is too much info to leak, I'd hardly say it's severe. That same info can be easily found in people's mailboxes weekdays between noon and 4pm. Yeah, but that doesn't scale as well. --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] XSS in CIA
Actually the original post was a publish and cussing out people who only publish a hash which does noone on the list any useful good. I keep thinking someone needs to start a usenet group/website/ database for these folks to publish their hashes to for posterity. Kind of useless on a mailing list, especially this one. A hash is not a disclosure, it's a nyah nyah, I got something but I ain't tellin but here's my hash of it so I can prove I did it first. --- Tremaine Lea Network Security Consultant Intrepid ACL Paranoia for hire On 29-Jun-07, at 12:46 PM, Steven Adair wrote: I care.. nice observation And if you did'nt care you would'nt have taken the time to reply. Flawed logic. However, I think you don't really care because you didn't take the time to put your apostrophes in the right places. Also, I don't really understand the original post. He is cussing out someone for publishing something but tells them to STFU if they don't have anything to publish. You guys confuse me.. On 6/29/07, Slythers Bro [EMAIL PROTECTED] wrote: we don't care On 6/29/07, Tonu Samuel [EMAIL PROTECTED] wrote: http://www.foia.cia.gov/browse_docs_full.asp?title=foobar%3Cimg% http://www.foia.cia.gov/browse_docs_full.asp?title=foobar%3Cimg% 25 20style='position:absolute;top:10px;left:100px;'%20% 20src= http://hosto.ru/znako/ban-prost.gif%3E BTW, f**k you who publish hashes. If you have nothing to publish, just STFU. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Linux big bang theory....
This might be a bit hard for you to understand, but no OS is impossible to break. If you think that's the case with OSX, you haven't been keeping up very well at all. And before you get your knickers in a bunch, *I* use OSX. --- Tremaine Lea Network Security Consultant Be in pursuit of equality, but not at the expense of excellence. On 13-May-07, at 10:15 PM, Just1n T1mberlake wrote: I know this might be a bit hard for you to understand, but it is these 'features' that make OS X impossible to break. I am guessing if you had your micro$oft operating system or even something like n00buntu you will have something to worry about. All of these extra 'features' are just making your security harder. Is it any wonder there are so many of these advisories every single day? How many for OS X? Maybe instead of flaming you might want to do a security course :-P just1n -- “Losers make promises they often break. Winners make commitments they always keep.” - Denis Waitley Mac OS X Evangelist Public Relations of NeXus - Original Message - From: Andrew Farmer [EMAIL PROTECTED] To: Just1n T1mberlake [EMAIL PROTECTED] Subject: Re: [Full-disclosure] Linux big bang theory Date: Sun, 13 May 2007 19:49:37 -0700 On 13 May 07, at 17:47, Just1n T1mberlake wrote: Confirmed Macosx is not vulnerable to this. Well, yeah. The script depends on lynx and wget being available, and neither is installed on OS X. It also depends on the line-by-line layout of several include files, one of which (linux/wireless.h) doesn't even exist on non-Linux systems. It won't even work on all Linux systems. If the target doesn't have compilers available, for example, it won't have any headers to grab the target strings from. -- ___ Get a free @hellokitty.com, @mymelody.com, or @kuririnmail.com email account today at www.sanriotown.com, and enjoy 500MB of storage! Check out our official blog @ http://blog.hellokitty.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] NSA's surveillance project:True or crap
Looks reasonably accurate on first glance. For an in depth look into the NSA and the Pentagon, check out the author James Bamford. Excellent research and information into both. --- Tremaine Lea Network Security Consultant Be in pursuit of equality, but not at the expense of excellence. On 30-Apr-07, at 2:33 PM, scott wrote: I just came across this: http://www.abovetopsecret.com/pages/echelon.html Want to know what everyone makes of it. True or crap? Regards, Scott ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] UK ISP threatens security researcher
On 18-Apr-07, at 6:01 AM, Dr. Neal Krawetz, PhD wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Let's keep in mind that publishing most security information borders extortion. There isn't any other industry where fat nerds try to strongarm large corporations into admitting there are weaknesses in their products, defaming them publicly, causing their stock prices to fall, or otherwise damaging their public image and thus causing financial damage, et cetera. Lets also keep in mind that most vendors won't patch a hole in a timely fashion, and will happily leave their customers hanging in the wind to protect their stock price and image. Gadi, I doubt your people would be thrilled if you tried to petition Yahweh with complaints regarding His children being vulnerable to pieces of metal fired at high velocity from guns, and demanding that if things aren't fixed within what you consider a satisfactory timeframe (which, in the end is just some arbitrary number invented by people with no concept of industry and economics) that you will arm every man, woman, child, and lizard of bordering Arabic nations to Israel in order to teach that big guy up in the sky a lesson about not making humans impervious to gunfire! Did you really just metaphorically compare software companies to Yahweh?? And for completeness sake, do you really mean to assert that people don't cry out to $deity about various injustices? Come on man! You're smarter than this! When socially inept people who possess only rudimentary computer skills Speak for yourself doctor. start bullying (call it what you will, in the end if you argue against my points you clearly are one of those people who can't make it in the real world) Oooo. Nice. if you disagree with me, you suck and stuff! corporations for fame and money, which have real-world financial consequences to said corporate entities, you are in the least committing extortion. Cuz Yahweh forbid there be consequences. And while you might think these efforts are noble, the reality of the situation is simple - this is absolutely no different than a bunch of Russians with botnets, forcing businesses to comply with their demands if that business wishes to continue existing on the Internet. You must live an interesting life when you lack the ability to differentiate between truth and lawlessness. When was the last time an auto manufacturer was humiliated publicly because their car windows can easily be broken and contents of the car stolen? When have chain manufacturers been chastised by the mass media for the existence of bolt cutters? What about the serious threat of hacksaws? When the hacksaw threat costs users, business and government as much as insecurities in poorly audited code you'll see these stories. Somehow I don't see that happening though. There are clear laws in place when a company places a poor/flawed product on the market. Software seems to get a pass on this. People, grow up. If your life is spent behind a computer discovering uninteresting oversights in software design, where you clearly lack experience and ability, and proclaiming yourself the #chatzone badass and drolling saying I'm the best evah!!! doesn't make you important. The sad state of this industry is that there are enough ignorant people that find it impressive, and who don't understand the ramifications of their publicity whoring and the obvious parallels to other industries. That's right ladies and germs. Stop searching for holes and insecurities in your applications and OS. Stick your head in the sand and let people with ill intent find it and exploit before you can be aware of the problem and protect yourself. Definitely *do not* share the information if you stumble on it. $deity knows you'd be a poor example if you acted to protect and inform others. The long and short of it is: If you want to act like a criminal, be prepared to be treated like a criminal, and don't cry about the choices you've made in life. You aren't a fucking martyr when your motivations and cause are only self-promoting and otherwise selfish. Yes, because you're all psychic and stuff, and can immediately ascertain someone's motives. It's a miracle you aren't employed full time by the legal system with this super amazing power. --- Tremaine Lea Network Security Consultant Be in pursuit of equality, but not at the expense of excellence. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] War against Iran: Update from front lines
Iran has a LOT to do with terrorism. They are the biggest state sponsor of terrorism, followed by Syria. --- Tremaine Lea Network Security Consultant Be in pursuit of equality, but not at the expense of excellence. On 15-Apr-07, at 3:26 AM, [EMAIL PROTECTED] wrote: So... You're going to fight alleged terrorism, with more terrorism... the logic is impecable. And since when does iran have anything to do with terrorism? On Tue, Apr 10, 2007 at 03:45:51AM -0500, United Hackers wrote: _ _ ___ _ __ ___ ___ _ __ | | /| / / _ | / _ \ / __ \/ |/ / / _/ _ \/ _ | / |/ / | |/ |/ / __ |/ , _/ / /_/ // _/ // , _/ __ |// |__/|__/_/ |_/_/|_| \/_/|_/ /___/_/|_/_/ |_/_/|_/ Hackers United against the Threat of Islam - -- FOR IMMEDIATE RELEASEANTI- MUSLIM LEAGUE - -- April 10, 2007, 1000Z Hackers United Update from the Front Lines The Hackers United against the Threat of Islam have continued their stance at readiness, awaiting the strike by American forces on the physical infrastructure of Iran. During the waiting period, Operation Screaming Eagle has continued with a significant degree of success, preparing for surgical strikes on core routers owned by the Telecommunication Company of Iran (a puppet corporation of this corrupt, Islamic-extremist held nation's government), including several Cisco 7200, Cisco 12000 and Cisco 7500 series routers. As well, several computers at Iranian universities have been taken control of in preparation. The freedom-loving Hackers at the front have been joined by their Israeli brothers in arms who stand strong beside them, bringing their unique experience and talents in dealing with the threat of Islam to their well- being. Their numbers were added to the battle group, as well as hackers taking up the cause in Canada, China and Poland who understand the threat of Islam to continued growth and well-being of the world, as well as the need to bring governments devoted to protecting the rights and freedoms of the citizens of a nation, including the right to religion, and the separation of religion from state affairs. Preparations shall continue for attacks to be launched against the Iranian infrastructure, and when the day comes we will be ready. Islam must be stopped. And the Hackers United against the Threat of Islam are there to do the job. Shout outs to everyone united against Islam. We stand together to face this threat to humanity. = ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- -- C H E D D E R Initiate code in the deepest crevices of the conspiracy of the youth, into beliving they are unable to distinguish learning from fun. They keep this attitude until we adults convince them to any one, that means you can actually be helped by ethiopia. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] War against Iran: Update from front lines
Iraq and Afghanistan participated, but Iran and Syria have long been the source of financing and planning. They are the CC of the terrorist islamist botnet ;) --- Tremaine Lea Network Security Consultant Be in pursuit of equality, but not at the expense of excellence. On 15-Apr-07, at 12:38 PM, [EMAIL PROTECTED] wrote: On Sun, 15 Apr 2007 05:40:24 MDT, Tremaine Lea said: Iran has a LOT to do with terrorism. They are the biggest state sponsor of terrorism, followed by Syria. I thought that was Iraq. Or was it Afghanistan? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the only one who can't resolve phishtank.com, but some can..
On 25-Mar-07, at 12:31 PM, Michael Ward wrote: ; DiG 9.2.3 @dns1.menandmice.com phishtank.com A ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 60010 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0 ;; QUESTION SECTION: ;phishtank.com. IN A ;; ANSWER SECTION: phishtank.com.9071IN A 127.0.0.1 ;; AUTHORITY SECTION: phishtank.com.167471 IN NS dns2.parkpage.foundationapi.com. phishtank.com.167471 IN NS dns.parkpage.foundationapi.com. ;; Query time: 197 msec ;; SERVER: 217.151.171.7#53(dns1.menandmice.com) ;; WHEN: Sun Mar 25 18:29:25 2007 ;; MSG SIZE rcvd: 107 but others are working ; DiG 9.3.2 @ns.kloth.net phishtank.com A ; (1 server found) ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 51509 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;phishtank.com. IN A ;; ANSWER SECTION: phishtank.com. 60 IN A 66.135.40.79 ;; Query time: 64 msec ;; SERVER: 88.198.39.133#53(88.198.39.133) ;; WHEN: Sun Mar 25 20:30:29 2007 ;; MSG SIZE rcvd: 47 Shaw Cablesystems in Calgary ;; ANSWER SECTION: phishtank.com. 14400 IN A 127.0.0.1 Interland server in Georgia ;; ANSWER SECTION: phishtank.com. 60 IN A 66.135.40.79 ;; AUTHORITY SECTION: phishtank.com. 3434IN NS auth1.opendns.com. phishtank.com. 3434IN NS auth2.opendns.com. phishtank.com. 3434IN NS auth3.opendns.com. ;; ADDITIONAL SECTION: auth1.opendns.com. 172634 IN A 38.99.14.20 auth2.opendns.com. 172634 IN A 208.67.219.54 auth3.opendns.com. 172634 IN A 208.69.39.2 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Phishtank.com Gone?
On 25-Mar-07, at 12:35 PM, Larry Seltzer wrote: Phishtank.com resolves to 127.0.0.1, has someone taken it offline? No, I'm still getting to the site. I don't suppose mcafee.com, symantec.com and a lot of other security domains also resolve to 127.0.0.1 for you, do they? Larry Seltzer It's just phishtank.com for me, the others resolve fine. My checks were run from linux boxes ;) localhost address checking from Shaw in Calgary, normal result checking from an Interland server in the US. Tremaine Lea Network Security Consultant ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] kill -9 coz it's my time to shine
Lots more here - http://www.youtube.com/profile?user=NerdcoreForLife Cheers, Tremaine Lea Network Security Consultant Be in pursuit of equality, but not at the expense of excellence. On 20-Mar-07, at 1:59 PM, Gadi Evron wrote: It's like I'm running Thunderbird and you're still stuck with PINE! Don't step out of line or else it's kill dash nine! Check out the rest: http://www.youtube.com/watch?v=Fow7iUaKrq4mode=relatedsearch= Monzy performs at Stanford Univ. I still like Monochrom's RFID song better. :) (thanks Sid) Gadi. -- beepbeep it, i leave work, stop reading sec lists and im still hearing gadi - HD Moore to Gadi Evron on IM, on Gadi's interview on npr, March 2007. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/