Re: [Full-Disclosure] I'm calling for LycosEU heads and team to resign or be sacked
And if the spammers don't like my packets being sent to their system, all they have to do is send me a polite e-mail asking to be removed from my flood-list. It is really quite simple! Wow. Obviously you are not responsible for authorizing payment to transit providers and have no idea how much bandwidth actually might cost an organization on a perMonth/perMeg basis. This would have never had any SERIOUS effect on backbone providers but many of their customers who don't even KNOW they have someone generating spam from their network would unfortunately see a great deal of money lost. Why don't you go physically assault a spammer. Do you physically assault door-to-door solicitors or do you have a sign on your front porch. Obviously spam costs all of us $ in some form or another but incurring rapidly generated expenses for non-responsible parties to me seems a bit cruel. Do you assault the mailman for delivering junkmail that companies actually pay the USPS to deliver? /m - Original Message - From: Bob Smith [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 03, 2004 5:11 PM Subject: Re: [Full-Disclosure] I'm calling for LycosEU heads and team to resign or be sacked I think heads should roll over this. I think its the worst act a corporation has ever undertaken in the history of the internet. So speaketh n3td3v, prohpet, visionary, lord and leader of Full Disclosure. The Internet has always been about vigilante justice. Aside from exceptionally egregious cases of wrongdoing, like sexually explicit material with children, fraud, or flagrant piracy, the Internet exists and operates beyond the boundaries of any one nation's laws. It is up to the people to self regulate. We have tried politely reasoning with spammers, we have tried ignoring spammers, we have tried _suing_ spammers. We've leisurely worked our way down the tree and are well past any sort of rational recourse. Now people are willing to resort to brute retaliation. When you sign on to the Internet, you accept this implicitly, to some degree or another. If you screw up, people will blackhole you, flood you, or isolate you. Spammers have been lapping us in the face for too long, and now the Internet reacts and fights back. Everyone who downloaded that screensaver did so intentionally, this wasn't a trojan operating behind the scenes. The participants were willing combatants. The engine for the battle happened to come from Lycos this time, but there have been other efforts in the past as well. And if the spammers don't like my packets being sent to their system, all they have to do is send me a polite e-mail asking to be removed from my flood-list. It is really quite simple! -Taters ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: FW: [Full-Disclosure] Shadowcrew Grand Jury Indictment
Without web defacing teenagers this industry wouldn't have gained the momentum it has. Yin/Yang. Without your so called cybercriminals your life would be meaningless. /m Len rose is a muppet. Stop moderating my mail. - Original Message - From: n3td3v [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, November 17, 2004 3:19 PM Subject: Re: FW: [Full-Disclosure] Shadowcrew Grand Jury Indictment On Wed, 17 Nov 2004 13:29:19 -0700 (MST), Bruce Ediger [EMAIL PROTECTED] wrote: Unfortunately, the US Government operates under the auspices of a small document called The Constitution, and a little concept called Common Law. Now, I know that you trendy kids call things like that quaint (I believe that's what our new Attorney general calls things like the Geneva Convention. See http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2004/06/13/wguan13.xml; sSheet=/news/2004/06/13/ixworld.html) but fortunately for the rest of us, presumption of innocence remains the standard of the land. If you small-minded totalitarians don't like that sacred principle, get the hell out of the US. We don't need your kind. Move to some Banana Republic where they change the rules all the time in the face of 1000 years of tradition and philosophy and the Blood of Patriots who died to protect these rights. Zero tollerence. What will these doofuses think of next? I bet they start up a cult of personality around the nation's leader, including a new salute borrowed from the Romans. I don't live in the U.S thankfully, I live in a sane country called the U.K Would you agree with closing down a site that was letting child abusers to post links to illegal child porn photographs? Would the site owner be able to say, we aren't involved with any of these links, we just provide the site for the criminals to do it, so other child abusers can get links easy to child porn photos. But no, when we move onto online malicious hacker crimes, its ok for sites, such as zone-h, which allows malicious hackers to post links for other hackers to get a kick over, just like a child abuser would by visiting a child porn photo. Imagine a child abuse site which also kept a score board of the biggest amount of child porn photo posters. Yet again we move onto malicious hacker online crimes, it seems to be different for zone-h to keep scores of the biggest malicious hacker defacement posters. Why one rule for one online crime promotion site and not the same rule for another online crime promotion site? I guess you would allow a child porn promotion site, like you think its ok for zone-h to be online promoting online malicious hacking and not closed down. Thanks,n3td3v http://www.geocities.com/n3td3v ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: OT[Full-Disclosure] Re: U.S. 2004 Election Fraud.
Half this list subcontract for halliburton. Please stop feeding the animals. /m - Original Message - From: Dennis Heaton [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, November 11, 2004 2:12 PM Subject: RE: OT[Full-Disclosure] Re: U.S. 2004 Election Fraud. Pinch me, I thought this was a technical security list, not a voting thingie. STOP WASTING MY TIME AND MAILBOX RESOURCES! NOW! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Randall Perry Sent: Thursday, November 11, 2004 2:08 PM To: [EMAIL PROTECTED] Subject: Re: OT[Full-Disclosure] Re: U.S. 2004 Election Fraud. Quoting Exibar [EMAIL PROTECTED]: Let me challenge YOU. Prove that my vote did not count. Show me absolute, proof beyond a doubt that my vote did not count. If you cannot prove that my vote did not count, then you STFU. Exibar I don't know about _your_ vote specifically, but I do know for fact of some votes that did _not_ get tallied. Pretty easy to know when you see precincts that show a complete tally with 0 votes for the libertarian party (Nader or Badnarik) when you and colleagues are part of that geographic region and 'pulled the lever' for the libertarians. Also happened in the 2000 election in the Florida 'recount'. There will always be voter fraud no matter chad, MS access or scantron fill-in-the-bubble. And there is plenty of deception around registering voters. *:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-. Randall Perry Domain Logic Technology Solutions http://www.domain-logic.com 574-220-1545 Every problem has a solution. If there is no solution, there is no problem.. *:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-.,_,.-:*'``'*:-. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Severe exploit found, all UNIX are affected!
Don't feed the animals. /m - Original Message - From: Billy B. Bilano [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, September 16, 2004 12:54 PM Subject: [Full-Disclosure] Severe exploit found, all UNIX are affected! Dudes, Bad news today. Oh my goodness! I am in a tizzy-fit over this! I am such an expert at system administrating but even the best of us fall from glory now and then. And let me tell you, this is one time I believe somebody got the best of me... and that somebody is a fellow named Charles! It all started when my big OpenBSD box took a dumper and I got paged. So I get into the bank and start to look around and I poke and prod the box and then I log into it and run the appropriate debug tools (ls, ps, top, cut, etc. -- pun not intended). I notice, at long last, that the console messages were not lying... the hard drive was indeed full! (you can never be too sure about that sort of thing as everybody will agree) The offending file was the previous administrator (Stan, who got fired when I became IT director because he was a puss and always joked about beer and had a picture of some baby looking at teats saying lunch on his cube wall -- that offended me as a larger man). So his old administrator account has a huge mail spoolball that is taking up 80% of the drive! Holy crappers! So I logged in as stan and used his password he gave me in exchange for his severance package. I typed mail hoping to see if this would let me view his mail and it did -- thankgod! What I saw scared the holy mole dickens out of me... Thousands of emails! As I started reading them, I realized the full extent of what is, without a doubt, going to become known as the biggest and most notorious hack in the history of the Internet! Northcutt better take out that section about the Mitnik attack in that terrible book he is always rehasing with only a spit-shine and fancy new cover because here comes something leaner and meaner! (I have re-bought that nut's book eight times and it is always the same old cruft over and over but there wont be a ninth purchase, you bet your pink pajamas!) Someone needs to tell him that SANS is not the MANS! LOL! This is BIG, folks! The mails... there were big ones and small ones and they all had one thing in common: they were from a person who would soon be determined to be a master hacker who has obviously infiltrated the bank's system long ago, before I even canned Stan (he was such a chump and always lost his wallet because he wore those baggy hacker pants). It seems that this black head hacker, named Charlie Root, has been busy alright... Every night, like clockwork, he sends me a few emails that contain the most intimate of details about the server! Drive space, logins, users I've created and removed, and more! I think he is trying to extort money from the bank! I was scared to hell to raise any red alarms at the bank so I started to look around and I believe I found out who this Charlie Root person really is: http://www.baseballlibrary.com/baseballlibrary/ballplayers/R/Root_Charlie.st m It seems that old Chinski used to play baseball for the Brown Cubs back in his youth. Clearly, from reading about his shoddy career, he was washed up as his stats are terrible by modern standards and he retired from the game in 1970! Now, as is abundantly clear, he has reached a desperate point in his life and is now devoting his time to taking over the world's infrastructure and trying to do phishy things and extort money from gallant administrators like myself. I looked into the front directory on my server and saw a folder called root! OMGF! I dove into his folder and saw all kinds of hacker files (like some thinger called .bash_history which seems to contain a list of commands he uses to take over the system, and .forward which contains Stan's email address). There were also tarballers for other things that look like old log backups! Incredible! I tried to delete some of these trojan files but it said I could not! I did some more looking around and found another startling fact: Charlie Root has changed my shell! It is not sh like it should be, it has been set to stsh which it certainly some kind of backdoor hacker tool to capture my strokes! Normally I would just reboot the server but this time, since I was at lunch, I decided to play around with my EMACKS script on my new Sun 6800's and, by chance, I saw that almost every file on the system was already owned by the root fellow! He has the guile to call himself Super-User! when I fingered (LOL) his account! We have only had these systems for a little over a month and this Charlie Root has already taken over every UNIX server in the bank! This may be the end of our company if I cannot get this hacker out of our systems and expunge the network of this wretched root Chinski thing. I will not bow to his extortion attempts! Someone please tell me what I
Re: [Full-Disclosure] Defcon spelled half backwards is Fedcon and you dumfucks walked into a trap
Agreed. Please take your blackhat paranoia and your 0-day, and go root a garbage can. Defcon's main purpose is to consume massive amounts of alchohol and throw money at strippers. Down with the bartenders! /m Aditya, ALD [Aditya Lalit Deshmukh] wrote: :Down with kiddies, down with admins, down with ppl :trying to make security better. Down with everyone :profiting off publicity. please do your shouting somewhere else :Why people so inconsistent? maybe it is time to increase the minimum age of list 18 maybe -aditya Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com) ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Defcon spelled half backwards is Fedcon and you dumfucks walked into a trap
[EMAIL PROTECTED] wrote: On Wed, 04 Aug 2004 09:17:04 PDT, Micah McNelly [EMAIL PROTECTED] said: Agreed. Please take your blackhat paranoia and your 0-day, and go root a garbage can. Defcon's main purpose is to consume massive amounts of alchohol and throw money at strippers. Down with the bartenders! If you didn't have bartenders, who would serve the alcohol once you're too drunk to get the cap off the bottle by yourself? ;) the strippers. /m ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Possible First Crypto Virus Definitely Discovered!
Greatest post of all time. /me claps. /m - Original Message - From: Goudie, Derek [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, June 08, 2004 1:54 PM Subject: RE: [Full-Disclosure] Possible First Crypto Virus Definitely Discovered! Thanks! I needed that -Original Message- From: Jakob Jünger [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 08, 2004 1:01 PM To: [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] Possible First Crypto Virus Definitely Discovered! Hi, I just can admit to what Billy wrote. The Firewall of my PDA is getting hot. It plays Yellow Submarine everytime I press the escape-key. It has to be something like this crypto-thing. I don't know what crypto means but it seems to be encrypted with EnglishLanguageProtocol. Believe me, I have been the administrator of my PDA since I was three years old. Jakob Whatever ssl is, I don't know but it's using the so-called ssl port on the web servers. But this port 443 is not SSH! Why should it be encrypted? And what is this ssl thing? I've been in IT for many years and I am now IT Director here at the bank... I would think that I would know what ssl would be. I don't think this worm has anything to do with whatever ssl is. Does anybody even still use ssl? That's probably why the hackers chose it. Sorry to say but it is not! I checked my incoming traffic again this morning and the attack on port 443 is still coming in full steam ahead! I don't know what's going on, but I am about to block that port on my firewall. Some nitwit (probably the idiot that was here before I became IT Director) somehow, for some reason, deliberately opened port 443 on the firewalls! I am beginning to think that this is the first wave of the new coming global crypto-storm! ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Support the Sasser-author fund started
I wonder if people forget the liability that any organization inherits if they do NOT maintain a above standard protection scheme for their network/hosts. Misconfiguration of network hosts/machines after being NOTIFIED of a OS flaw or other should deem that organization responsible. Smurf was a great example. Following the postings of actual usable broadcast hosts, most organizations did NOT fix the problem. The vendors were left to deal with the issue. Maybe companies should start hiring clueful people that care about not only their internal infrastructure but the last mile facing their own customers. IE. All last mile providers. You can't expect end users to maintain their own machines. They want solitaire. Rant, /m - Original Message - From: Aaron Gee-Clough [EMAIL PROTECTED] To: Full Disclosure List [EMAIL PROTECTED] Sent: Thursday, May 13, 2004 9:17 AM Subject: Re: [Full-Disclosure] Support the Sasser-author fund started Duquette, John wrote: Why not punish all the admins/users who failed to patch their systems in time as well. Because they didn't break the law. It's really that simple. If you're saying that you think there should be a law to force people to patch their systems in a timely manner, that's a different issue. (and one that will lead to all sorts of unintended problems...think about it for a while.) Aaron ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Google Private IP is 10.7.0.73 !!!!!!
someone personally believed that this was valuable and now because you obviously take yourself to be a judge of valuable information why not enlighten us on something worthwhile. /m len rose is a muppet. - Original Message - From: edp [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, August 22, 2003 5:36 AM Subject: R: [Full-Disclosure] Google Private IP is 10.7.0.73 !! This 10.7.0.73 is google private ip address. Wow! Scary! Message also signed, so we can trust that valuable info! ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html This email has been scanned for all viruses by the MessageLabs Email Security System. For more information on a proactive email security service working around the clock, around the globe, visit http://www.messagelabs.com ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Subject prefix changing! READ THIS! SURVEY!!
len will moderate your a$$. - Original Message - From: Raj Mathur [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, August 21, 2003 5:57 PM Subject: RE: [Full-Disclosure] Subject prefix changing! READ THIS! SURVEY!! Jonathan == Jonathan Grotegut [EMAIL PROTECTED] writes: Jonathan My vote is for number two, to shorten to HD or to have Jonathan nothing at all... Are two votes allowed??? Half-Disclosure? *Running before Len really sends goons to maim me this time!* -- Raj Mathur[EMAIL PROTECTED] http://kandalaya.org/ GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F It is the mind that moves ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] TO: Anthony Aykut
yar dumerer. - Original Message - From: Donnie Weiner [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, July 18, 2003 11:49 AM Subject: [Full-Disclosure] TO: Anthony Aykut shutup yar dum. Christ almighty. For all your bikkering, wit and inventiveness, if you people put the same energy and will into educating people or arguing in a civil manner over what you are not agreeing to, this list would be a much better place. Wood at least tries, even though some of you may or may not agree to what or how he is doing it. But no, of course you won't do that, you'll have to show off and be arrogant - because lets face it we just love oneupmanship and love to mock people. That way we can REALLY show them that we are better. Sad. _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] RE:
Len Rose is a muppet. /m - Original Message - From: gml [EMAIL PROTECTED] To: 'Jeremiah Cornelius' [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, July 18, 2003 4:29 PM Subject: RE: [Full-Disclosure] RE: I can't help it. I'm going to have to comment to a comment about my own comments about commenting about the list, seriously it just HAS to be done. Who has a comment? Any takers? Thanks, The Professional -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeremiah Cornelius Sent: Friday, July 18, 2003 6:25 PM Cc: [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] RE: I was never under the impression that this was more than a social experiment setup for Len's amusement. Christ! Out of another lame, flame-thread, comes the most accurate and insightful comment about the list! Pity that meta-threads are more common here than actual contents. Hey look, I'm commenting about commenting about the list! ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Credit card numbers
i used to card during high school all the time. /m - Original Message - From: gml [EMAIL PROTECTED] To: 'northern snowfall' [EMAIL PROTECTED]; 'Nick Jacobsen' [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, July 17, 2003 3:18 PM Subject: RE: [Full-Disclosure] Credit card numbers Carding is for hackers who enjoy prison. If you are considering illegal activity that involves theft or the possibly involvement of the secret service, I suggest you first ask yourself whether or not you enjoyed high school cafeteria food and then imagine eating that for the next 20-30 years. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of northern snowfall Sent: Thursday, July 17, 2003 6:59 PM To: Nick Jacobsen Cc: [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] Credit card numbers This is a professional list - would you go up to someone at a computer security conference and tell em oh yeah, I used to card during highschool all the time? Oh grow up Don http://www.7f.no-ip.com/~north_ ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Invaded by morons..
c:\aux\aux. owned! /m - Original Message - From: Dortmunder Lethman [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, July 17, 2003 3:33 PM Subject: [Full-Disclosure] Invaded by morons.. Ever since Donnie Werner showed up all we see is Windows crap, and stupid xss tricks. We don't need 50 millions me-too posts about lame ie crashing. We don't need 50 millions slash-dot lamers flooding this list with crap. We don't need 50 millions whiners complaining about standart services that are in inherently insekure which is an oxymoronic position since windows is inherently insekure, and none of it is news to anyone with .01% kluon. For instance, no one even responded to *Hobbit* points about secure practices, and I bet not even 10% of you windows lamers even know who he is. All you windows lamers join Werner's 0-day lamers list and the rest of us will be here, agreed? I won't respond to anyone who didn't use unix to send mail to me. Lethman returns, phear me. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html