Re: [Full-Disclosure] Automated SSH login attempts?
Ali Campbell <[EMAIL PROTECTED]> wrote: > Do I take it that these things are just trying to log in using some > guessed password(s) ? Out of interest, do we have any idea what these > opportunistic passwords might be ? As far as I have heared this is an 0day "exploit" which does nothing but trying to bruteforce some accounts like "admin" "test" and so on with passwords like "test" "1234" and i dont know what. Seems to be not too serious because noone actually has those account in real life. ;) Best wishes, Christian -- Christian Fromme chris at kaner.shacknet.nu PGP-Pubkey: http://www.informatik.fh-wiesbaden.de/~cfrom001/pgp/index.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] morning_wood is really a blackhat
madsaxon <[EMAIL PROTECTED]> wrote: > At 11:59 AM 5/3/2004 +0200, Sebastian Krahmer wrote: > > Not in this case. Kurt only moderates the noise. All > the code and advisories are there, from both F-D and > Bugtraq. I highly recommend it if you don't care to > wade through obnoxious flames and endless reiterations of the > same lame questions. Censorship is not what we're looking for. Best wishes, Chris -- Christian Fromme derfromme at gmx dot de PGP-Pubkey: http://www.informatik.fh-wiesbaden.de/~cfrom001/pgp/index.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] morning_wood is really a blackhat
madsaxon <[EMAIL PROTECTED]> wrote: > At 04:37 PM 5/4/2004 +0200, Christian Fromme wrote: > > >Censorship is not what we're looking for. > > I think that's a debatable issue. It seems to me that > some people on this list confuse "full disclosure of > exploit-related code and advisories" with "unfettered > posting of any shit that comes into a 14 year old's head > at the moment." This list would be far more productive > if we weren't constantly subjected to this barrage of > pointless flaming and adolescent taunting. I trust at > least one person will reply to this with something that > illustrates my point. I agree in parts, of course. And: "unfettered posting of any shit that comes into a 14 year old's head at the moment." - hell, that was a funny one. Sad enough thats true also. But still, I personally wouldn't buy that for the cost of censorship. Just my opinion. Cutting out the "bad bits" and what the "bad bits" are depends in some cases too much on the opinion of the moderator. Best wishes, Christian -- Christian Fromme chris at linux.fanatism.us PGP-Pubkey: http://www.informatik.fh-wiesbaden.de/~cfrom001/pgp/index.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] morning_wood is really a blackhat
madsaxon <[EMAIL PROTECTED]> wrote: > That's certainly a valid point. What I'd vastly prefer is > that we all exercise "self-censorship" before we post. I fully agree. ;) Thats still gonna be hard for some guys I guess... I would suggest to close this discussion now, if you agree, because it's a little bit "off-topic" and we dont wont to annoy anyone. ;) Best wishes, Christian -- Christian Fromme chris at linux.fanatism.us PGP-Pubkey: http://www.informatik.fh-wiesbaden.de/~cfrom001/pgp/index.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Support the Sasser-author fund started
Sim Brown <[EMAIL PROTECTED]> wrote: > > You're a nazi... > > A patriot would respect other countries and their laws... > > I hereby invoke Godwin's Law and declare this thread dead. Harhar, this is not going to work i bet...anyway a wise idea. Best wishes, Christian -- Christian Fromme chris at linux.fanatism.us PGP-Pubkey: http://www.informatik.fh-wiesbaden.de/~cfrom001/pgp/index.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Danny <[EMAIL PROTECTED]> wrote: > What would IT be like today without IRC (or the like)? Am I narrow > minded to say that it would be a much safer place? To be honest: Yes, i think it is quite narrow-mindet to say that. Sure, there are some "scriptkiddies" and "crackers" who organize themselves through internet relay chats. But if you think you proposal right through to the end, you should also consider abandoning almost every email-software, instant-messenger and the like. Good luck with that. If you approach the problem this way, why not cut through your network cable, which is the best way to protect yourself? Best wishes, Christian -- Christian Fromme EMail: derfromme at gmx.de PGP-Pubkey: http://www.informatik.fh-wiesbaden.de/~cfrom001/pgp/index.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] security hole in german Telekom T-Sinus 111
Mailinglist <[EMAIL PROTECTED]> wrote: > i stopped @ the T-Sinus 111 a wireless broadband router, labeled by > german Telekom. > > This device has an integrated DSL Modem and the security bug is that > you can use the router as a modem every time. > Create on your machine a dialupconnection using the "T-Com DSL Adapter > software", the router will disconnect from carrier and the User can dialup. > This allready works with empty settings on the device ... > I think everyone who uses this device is vulnerable for DSL dialer > tools (and DSL by call used by a worker) and at a small company network the > connection could always > beeing disconntected. Very interesting! Please keep us updated on this topic. -- Christian Fromme EMail: derfromme at gmx.de PGP-Pubkey: http://www.informatik.fh-wiesbaden.de/~cfrom001/pgp/index.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html