Re: [tor-relays] Keep smiling only - i dont expect any answer
This is a financial institution that manages inter-bank payment systems in South Korea. I think when they said *trial* they meant *attempt*, which means the attack did not succeed. But a trial could also be a successful attack that was meant to test whether they could get in before the real fun starts. So I'm not sure if the attack was successful or not, but assuming it was a successful attack... Tell them to report it. Tell them it would be a gross violation of their due diligence, and most likely legal responsibility to not report it. Tell them not to rely on other people to ensure their network is protected from all of the widely and freely available attack vectors. Tell them you run a Tor relay, and as such you have no control over who does what, and provide relevant links. Point them to your Tor Exit Notice that is easily and readily available for anyone to see. Now, if the attack wasn't successful, tell the Network Security Manager that as an inter-banking payment system provider they should expect attacks of varying degrees, but that you still have no way of controlling who does what on the Tor network. Either way, tell them FCKeditor_Vul is easy to fix, but is entirely their responsibility. Their WYSIWYG editor has a vulnerability - how is that your fault? Regards, Matt Speak Freely ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Keep smiling only - i dont expect any answer
nice abuse :)From:i...@kftc.or.kr To: ab...@wedos.com Date:01.04.2015 08:42:07 Subject: [KF/ISAC] Warning! Unauthorized Access Trial! Dear Network Manager : I am a network security manager of Korea Financial Telecommunications and Clearings Institute(KFTC). My job is to protect Korean financial organizations from illegal intrusion attacks. We have received a report of unauthorized access trial originating from your site as shown below. Date/Time(GMT+9): 2015-04-01 12:47:46 ~ 2015-04-01 12:47:46 Source IP : 37.157.192.208 Destination IP : 59.11.68.197 Attack Type : FCKeditor_Vul We are seriously considering notifying these illegal attempts to the related authorities of both your and our countries and requesting proper legal actions. So, please take appropriate measures to identify and stop the attacker. And, please inform us of the results. (i...@kftc.or.kr) Thank you for your cooperation. p.s. : If you are not the correct person to deal with this incident, please forward this to the proper person and inform us for future convenience. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Keep smiling only - i dont expect any answer
This is what i call: Happy April 1, 2015 On 1 April 2015 at 18:58, Teófilo Couto undert...@protonmail.ch wrote: Same old, same old story, again and again... They operate badly developed, badly implemented sites, full of well known vulns, but the issue, the bad guy on set, is a tor relay... Typical... Original Message Subject: [tor-relays] Keep smiling only - i dont expect any answer Time (GMT): Apr 01 2015 14:02:00 From: cmar...@yandex.com To: tor-relays@lists.torproject.org nice abuse :) From:i...@kftc.or.kr To: ab...@wedos.com Date:01.04.2015 08:42:07 Subject: [KF/ISAC] Warning! Unauthorized Access Trial! Dear Network Manager : I am a network security manager of Korea Financial Telecommunications and Clearings Institute(KFTC). My job is to protect Korean financial organizations from illegal intrusion attacks. We have received a report of unauthorized access trial originating from your site as shown below. Date/Time(GMT+9): 2015-04-01 12:47:46 ~ 2015-04-01 12:47:46 Source IP : 37.157.192.208 Destination IP : 59.11.68.197 Attack Type : FCKeditor_Vul We are seriously considering notifying these illegal attempts to the related authorities of both your and our countries and requesting proper legal actions. So, please take appropriate measures to identify and stop the attacker. And, please inform us of the results. (i...@kftc.or.kr) Thank you for your cooperation. p.s. : If you are not the correct person to deal with this incident, please forward this to the proper person and inform us for future convenience. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- http://www.backbox.org http://www.pentester.iz.rs ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Keep smiling only - i dont expect any answer
Same old, same old story, again and again... They operate badly developed, badly implemented sites, full of well known vulns, but the issue, the bad guy on set, is a tor relay... Typical... Original Message Subject: [tor-relays] Keep smiling only - i dont expect any answer Time (GMT): Apr 01 2015 14:02:00 From: cmar...@yandex.com To: tor-relays@lists.torproject.org nice abuse :) From: i...@kftc.or.kr To: ab...@wedos.com Date: 01.04.2015 08:42:07 Subject: [KF/ISAC] Warning! Unauthorized Access Trial! Dear Network Manager : I am a network security manager of Korea Financial Telecommunications and Clearings Institute(KFTC). My job is to protect Korean financial organizations from illegal intrusion attacks. We have received a report of unauthorized access trial originating from your site as shown below. Date/Time(GMT+9): 2015-04-01 12:47:46 ~ 2015-04-01 12:47:46 Source IP : 37.157.192.208 Destination IP : 59.11.68.197 Attack Type : FCKeditor_Vul We are seriously considering notifying these illegal attempts to the related authorities of both your and our countries and requesting proper legal actions. So, please take appropriate measures to identify and stop the attacker. And, please inform us of the results. (i...@kftc.or.kr) Thank you for your cooperation. p.s. : If you are not the correct person to deal with this incident, please forward this to the proper person and inform us for future convenience.___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
