How many times do I have to tell everyone I am NOT in the same state as the
school right now I am at my parents' house for the week. So looking up my IP
addy won't get you even close to where the school is located. Second, I have
called it a school, it could be a Univeristy, College, Community C
Hey man.
I used to work at a university so I might be able to lend some assistance here.
for example, if you go to stonybrook university, you should go to the
head of SUNY.
If the University of Georgia was the culprit, then go the the
University System of Georgia.
Each school (if state run) sho
On Sun, 23 Apr 2006 02:24:35 CDT, CrYpTiC MauleR said:
> How many times do I have to tell everyone I am NOT in the same state as the
> school
Might want to re-read what I said. I said that your estimate of the inbound
student count tells us *more* than the traceroute (in other words, I'm agreein
On Sat, Apr 22, 2006 at 03:31:31PM -0500, Justin Terry wrote:
> Hello List!
>
> I am a long time reader, first time poster, and everything like that.
>
> I use a proxy service that runs in my system tray, (the onion router, and
> privoxy, in conjunction) and when i use this software, everything
There are Tor DNSBLs, which have been incorporated into popular blacklists such as SORBS. Since you can poll the directory server for a list of exit nodes this is rather easy to compile. Tor does not give an x-forward-for.
To avoid getting hosts that have been blacklisted, use newer proxies that ha
Hi,
I think we're missing something here. So, you're not going to disclose
a security hole until the scholl has sorted the situation out, yes?
but is the system in use a home-built application or an off-the-shelf
system. if its the former then some people need to be looking at what
policies are i
--Security Report--
Advisory: My Gaming Ladder Combo System <= 7.0 Remote File Inclusion
Vulnerability.
---
Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI
---
Date: 22/04/06 13:37 PM
---
Contacts:{
ICQ: 10072
MSN/Email: [EMAIL PROTECTED]
Web: http://www.nukedx.com
}
---
Vendor: MyGamingLad
Brian Eaton wrote:
Universities tend to be fairly
decentralized places, where academic freedom can count for a lot more
than a secure network. Plus a university network has fewer secrets to
protect than a business.
Depending on the University, I might or might not agree with that. I
know
Brian Eaton wrote:
than a secure network. Plus a university network has fewer secrets to
protect than a business.
University networks also have thousands to tens of thousands of bored
students with high-speed Internet access and little machine-side policy
enforcement.
In my experience t
john kalergis wrote:
>> So, let's see Washington... Virginia Ohio Illinois
>> Missouri
>>
>> You're in Kansas, right?
> woweverybody here is more than impressed
>
Well, I don't suppose *everybody* has had a sense of humour bypass. And
there's a valid point I was
[EMAIL PROTECTED] wrote:
> The number of US universities big enough to have 7,000 incoming students
> is extremely limited. *that* little tidbit probably tells us more than
> the fact his traceroute ends in Kansas.
Plus he just gave away that his parents work there, so we can cut it down
CrYpTiC MauleR wrote:
> students attending. So everyone please dont wast your time trying to
> play 'who can guess what school it is or where it is?' because I
> really will not verify if you are correct or not and plain do not
> want to play that game. I just asked FD on advice of what to do
> co
Fixer wrote:
> Brian Eaton wrote:
>> than a secure network. Plus a university network has fewer secrets
>> to protect than a business.
>
>
> Depending on the University, I might or might not agree with that. I
> know of several that have DoD funded research projects going on that
> require Top S
On 4/23/06, Andrew A <[EMAIL PROTECTED]> wrote:
> Tor does not give an x-forward-for.
Easy fix to detect the Tor users is just to dump a cache file every
hour or so and regex the connecting ip address.
http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?sortbw=1&addr=1&textonly=1
> use newer proxies
On 4/23/06, Randal T. Rioux <[EMAIL PROTECTED]> wrote:
> > I suspect the anonymous educational institution in question is hardly
> > the only vulnerable site out there. Universities tend to be fairly
> > decentralized places, where academic freedom can count for a lot more
> > than a secure networ
My parents do not work there, I never said they do. Did it ever occur to you
that the school would have stored parent info from financial aid? also I do not
plan on revealing any SSNs to anyone even to make a point. That will definetly
get me jail time even if its in good faith.
> - Origin
Wouldn't it matter on which state? I know California for instance has strict
laws about telling public of breaches, but not sure about other states. I will
be calling the Attorney General of the the school's state tomorrow so should
have a good answer.
> - Original Message -
> From: "
###
Luigi Auriemma
Application: Fenice - Open Media Streaming Server
http://streaming.polito.it/server
Versions: <= 1.10 and current SVN 2005-07-26
Platforms:*nix, *BSD and oth
###
Luigi Auriemma
Application: OpenTTD
http://www.openttd.org
Versions: <= 0.4.7
Platforms:Windows, *nix, *BSD, Mac and others
Bugs: A] program termination through big
###
Luigi Auriemma
Application: Skulltag
http://www.skulltag.com
Versions: <= 0.96f
Platforms:Windows
Bug: format string
Exploitation: remote, versus server
Date:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200604-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200604-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200604-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
Thanks for the answers guys!
What would be an example of one of those newer proxies that was mentioned?
~ JD
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://
--On April 23, 2006 1:48:16 PM -0500 CrYpTiC MauleR
<[EMAIL PROTECTED]> wrote:
Wouldn't it matter on which state? I know California for instance has
strict laws about telling public of breaches, but not sure about other
states. I will be calling the Attorney General of the the school's state
to
--On April 23, 2006 3:11:40 PM +0100 "Dave \"No, not that one\" Korn"
<[EMAIL PROTECTED]> wrote:
CM, my suggestion would be to phone up the Dean/Principal while he's in
the middle of his sunday lunch and read out his SSN to him and tell him
how he can go to his computer and see it for himself
On Sunday 23 April 2006 01:30, Michal Zalewski wrote:
> Perhaps not surprisingly, there appears to be a vulnerability in how
> Microsoft Internet Explorer handles (or fails to handle) certain
> combinations of nested OBJECT tags. This was tested with MSIE
> 6.0.2900.2180.xpsp.040806-1825 and mshtml
Title: RE: Advisory: Simplog <= 0.93 Multiple Remote Vulnerabilities.
patched in version 0.9.3.1
-Original Message-
From: Mustafa Can Bjorn IPEKCI [mailto:[EMAIL PROTECTED]]
Sent: Fri 4/21/2006 2:54 PM
To: full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com; [EMAIL PROTECTE
--Security Report--
Advisory: Clansys <= 1.1 PHP Code Insertion Vulnerability.
---
Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI
---
Date: 23/04/06 21:07 PM
---
Contacts:{
ICQ: 10072
MSN/Email: [EMAIL PROTECTED]
Web: http://www.nukedx.com
}
---
Vendor: Clansys (http://www.clansys.de.vu/)
V
Confirmed on IE 7 beta 2 on Windows XP SP2
For the record, I don't approve of your disclosure practices, Mr. Zalewski,
but good work none-the-less.
Paul
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ben Lambrey
Sent: Sunday, April 23, 2006 12:17 PM
To:
Out of curriosity ... do you approve of your vendors (M$ in this case)
poor coding practices? How about the disclosure practices that THEY use?
Didn't think so...
-KF
Paul Nickerson wrote:
Confirmed on IE 7 beta 2 on Windows XP SP2
For the record, I don't approve of your disclosure practices
OH NOES!
Paul Nickerson doesn't approve. Who the fuck is Paul Nickerson?
Better yet who cares.
On Sun, 23 Apr 2006 17:34:02 -0700 Paul Nickerson
<[EMAIL PROTECTED]> wrote:
>Confirmed on IE 7 beta 2 on Windows XP SP2
>
>For the record, I don't approve of your disclosure practices, Mr.
>Zal
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1039-1[EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
April 24th, 2006
33 matches
Mail list logo
