Re: [Full-disclosure] full disclosure archive mail-scanning bot

On 6/3/06, Anil Gulecha <[EMAIL PROTECTED]> wrote: Joined this list recently, and was browsing the archives online. Was wondering that someone not really interested could easily download the compressed archives and use a script to read through and gather email IDs. Simple searching for *_at_*.* (

RE: [Full-disclosure] n3td3v agenda revealed

Hey there, Here are a few interesting words from http://www.searchlores.org/trolls.htm --- A troll is basically one who posts messages intended to insult and provoke per fas et nefas (see [Trolls and Schopenhauer] below). For each person who responds, the poster (the troll as a person) will c

Re: re : [Full-disclosure] n3td3v agenda revealed

On Sat, 03 Jun 2006 18:49:48 BST, n3td3v said: > Our international security group is the biggest underground group on > the internet today. How flipping underground can a Yahoo group *be*? (And I'll overlook how you know the exact size of the *other* underground groups, when they are presumably t

[Full-disclosure] people

Dear active participants!Please don't feed the trolls (1). I beg you.[insert name here] will just reply to all your emails and continue if he is given space to express himself. Please delete the emails and IGNORE them to make this list readable. If you feel like replying/flamling/wasting (YOUR OWN)

Re: [Full-disclosure] Tool Release - Tor Blocker

On 6/4/06, Bill Weiss <[EMAIL PROTECTED]> wrote: [...] 1) Where did you get that list from? The Tor server I run (which has been up continually for over a year) isn't in it. 2) Some of us use our Tor servers for "legitimate" traffic as well. You'll block all of that traffic. Are you sure you d

Re: [Full-disclosure] Tool Release - Tor Blocker

Bill Weiss([EMAIL PROTECTED])@Sat, Jun 03, 2006 at 11:15:58PM +: > 3) I think you've just suggested giving a webpage (one which may be > hostile towards your goals) control over who can and cannot access your > web server. What happens if one day that CGI hands you a list containing > every IP

Re: [Full-disclosure] Tool Release - Tor Blocker

[EMAIL PROTECTED]([EMAIL PROTECTED])@Sat, Jun 03, 2006 at 12:59:31AM -0400: > On Fri, 02 Jun 2006 23:47:38 CDT, str0ke said: > > Umm what about the new ip addresses that are added to the tor network? > > > > http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?sortbw=1&addr=1&textonly=1 > > Ahh.. ther

RE: [Full-disclosure] Tool Release - Tor Blocker

> The purpose of this module is not to increase the security of your server, but to allow you to prosecute hackers after the > fact. If your server has a remotely exploitable vulnerability and you block Tor nodes, you can still be hacked from any > other IP address on the Internet. > The only di

Re: [Full-disclosure] Tool Release - Tor Blocker

Salut, On Sat, 2006-06-03 at 16:19 -0600, Jacob Weeks wrote: > isn't there also a financial requirment before anyone (police, fbi, > ... ) would actually investigate the incident? Yes, but financial "implications" can be escalated almost arbitrarily because noone who will be handling the case has

Re: [Full-disclosure] Tool Release - Tor Blocker

isn't there also a financial requirment before anyone (police, fbi, ... ) would actually investigate the incident? see the ?, it's a question, not a statement. On 6/3/06, Alexander Sotirov <[EMAIL PROTECTED]> wrote: The purpose of this module is not to increase the security of your server, but

Re: [Full-disclosure] Tool Release - Tor Blocker

The purpose of this module is not to increase the security of your server, but to allow you to prosecute hackers after the fact. If your server has a remotely exploitable vulnerability and you block Tor nodes, you can still be hacked from any other IP address on the Internet. The only difference i

RE: [Full-disclosure] Tool Release - Tor Blocker

Title: Message   Would it be a big think to ask that you try to get along?   Steven: hardcoding tor node IP's into a module, blocking tor as a means of security is weird I agree but cussing and flaming never helped anybody - I've read other replies in the thread that were a lot more useful t

Re: [Full-disclosure] blocking tor is not the right way forward. It may just be the right way backward.

Salut, On Sat, 2006-06-03 at 16:15 -0400, John Sprocket wrote: > i imagine a forensics person looks and sees a tor ip and thinks "okay. > i just deadended. there's nothing i can do because this is a tor exit > node." with a botnet, most bots can be traced back to their meeting > point which is a l

Re: [Full-disclosure] Tool Release - Tor Blocker

Those acronoyms prove that I know more than you apparently. Way to demonstrate your l33t hax0r skills.Jason Areff CISSP, A+, MCSE, Security+ == Better than Steven Rakick -- security through obscurity isnt security --On 6/3/06, Steven Rakick <[EMAIL PROTECTED]> wrote: Here's

Re: [Full-disclosure] blocking tor is not the right way forward. It may just be the right way backward.

so you're saying sacrifice the ability for a identifying legit attacker for thesake of allowing privacy for the masses? okay, sure. i never reallycared about my data in the first place. ;-)attackers have other ways, most definitely. but why use one of those other methods (proxying through a botnet)

Re: [Full-disclosure] How stop DoS and SYN attack..

> [...] or related a SYN attack ? http://cr.yp.to/syncookies.html tim ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] n3td3v bashers on FD

But most of us can create complete sentences, and you can't. You have appeared like an obnoxious troll, and you continue to appear as one. As being way too old I can still understand your wish to be regarded serious but I'm sorry, you are a complete moron, and you you have failed every test. Y

Re: [Full-disclosure] Tool Release - Tor Blocker

sure, there's a lot of legitimate tor users out there. but tor is a freecommunity supported proxy chain. an attacker can use this great toolin their attacks in order to keep themselves hidden. a securityminded administrator would probably not want a user to visit their site and remain hidden. why i

Re: [Full-disclosure] How stop DoS and SYN attack..

¿any know a way to stop via Linux with iptables or related a SYN attack ? Ask in the proper list: https://lists.netfilter.org/mailman/listinfo/netfilter ¿where i can read something related to this? Google? Ruben ___ Full-Disclosure -

[Full-disclosure] n3td3v bashers on FD

We're the biggest security group around, theres nothing you can say to change that. We are professionals who work at the major dot-coms and earn all the money, you people are just stupid. You call us lame but look at you. None of you have released vulnerabilites. None of you are at the cutting edg

RE: re : [Full-disclosure] n3td3v agenda revealed

Oh boi, all we need one more 'group' as they call it.. -=z3r0c001 N0ths.com security portal ' or 1=1;-- SELECT 'www.tsploit.com' -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J.A. Terranson Sent: Saturday, June 03, 2006 2:41 PM To: n3td3v Cc: full-dis

RE: re : [Full-disclosure] n3td3v agenda revealed

Don't take this wrong, I highly respect the folks here, but I wonder how long it is going to take folks to realize that by dignifying his posts with replies, you give him what he wants, you fulfill some need he has. You also perpetuate what he is trying to accomplish. I am quite sure that there i

Re: [Full-disclosure] Tool Release - Tor Blocker

On Sat, 3 Jun 2006, Jason Areff wrote: > -- > security through obscurity isnt security > -- Yet you are attempting to inccrease the "seurity" of your web server by making it obscure to TOR users? Why don't you secure your web server instead? -- Yours, J.A. Terranson [EMAIL PR

[Full-disclosure] How stop DoS and SYN attack..

¿any know a way to stop via Linux with iptables or related a SYN attack ? ¿where i can read something related to this? Thanks in advance. P.S: sorry for my bad english :D -- Alberto Ferrer ___ Full-Disclosure - We believe in it. Charter: http://lists.g

Re: re : [Full-disclosure] n3td3v agenda revealed

On Sat, 3 Jun 2006, n3td3v wrote: > On 6/3/06, Anil Gulecha <[EMAIL PROTECTED]> wrote: > > > > LOL > > > > Hi, > > You're the kind of person who laughed when there were people planning > to throw planes into the world trade center, then after it happened > you still laughed. > > It is kind of why

Re: re : [Full-disclosure] n3td3v agenda revealed

Jesus n3td3v, give it a fucking rest already. - Original Message - From: n3td3v To: full-disclosure@lists.grok.org.uk Sent: Saturday, June 03, 2006 6:49 PM Subject: Re: re : [Full-disclosure] n3td3v agenda revealed On 6/3/06, GroundZero Security <[EMAIL PROTECTED]> wrote: Hello David

Re: re : [Full-disclosure] n3td3v agenda revealed

On 6/3/06, GroundZero Security <[EMAIL PROTECTED]> wrote: Hello David, while your intentions are nice, you wont have much luck, as he wont listen. In his universe he thinks he is the king. Its a mental problem and you cant help him. All we can do is see it with humor :-) afterall he is pretty e

Re: [Full-disclosure] Tool Release - Tor Blocker

Salut, On Sat, 2006-06-03 at 09:56 -0700, Steven Rakick wrote: > Oh, and learn how to code you before you start posting > like you're all that. "If it compiles, it's good, if it boots, it's perfect." -- Linus Benedict Torvalds Tonn

Re: [Full-disclosure] Tool Release - Tor Blocker

Here's an idea. Remove those lame ass fucking acronyms from your signature you clueless fucking dork. Oh, and learn how to code you before you start posting like you're all that. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Areff Sent: Saturday, June 03, 2006 10:32 AM

Re: [Full-disclosure] Tool Release - Tor Blocker

Jason Areff wrote: > To mitigate most tor attackers we've written an apache module designed > to give tor users a 403 error when visiting a specific website. We > suggest all administrators whom do not wish a malicious tor user to > v

Re: [Full-disclosure] Tool Release - Tor Blocker

It is really unfortunate that most people that replied to this feel the need to be haughty in their responses. I was simply trying to create a tool to give back to the community. Our servers were comprimised by a tor user and I saw the need to do my best to blacklist such users. If this is not your

Re: re : [Full-disclosure] n3td3v agenda revealed

Hello David, while your intentions are nice, you wont have much luck, as he wont listen. In his universe he thinks he is the king. Its a mental problem and you cant help him. All we can do is see it with humor :-) afterall he is pretty entertaining. EVERYONE here knows that n3td3v is just some l

Re: re : [Full-disclosure] n3td3v agenda revealed

n3td3v: You seem to have multiple personalities. You sure spill a lot of gibberish here and many places. I have tried blocking your e-mails and you still get through. May I please recommend for you to take one step back and collect your thoughts next time you respond to another e-mail. I don't

[Full-disclosure] [SECURITY] [DSA 1089-1] New freeradius packages fix arbitrary code execution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1089-1[EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze June 3rd, 2006

Re: re : [Full-disclosure] n3td3v agenda revealed

Salut, On Sat, 2006-06-03 at 12:35 +0100, n3td3v wrote: > You're the kind of person who laughed when there were people planning > to throw planes into the world trade center, then after it happened > you still laughed. > > It is kind of why cyber security is in the same sorry ass state as > mainl

Re: re : [Full-disclosure] n3td3v agenda revealed

On 6/3/06, Anil Gulecha <[EMAIL PROTECTED]> wrote: LOL Hi, You're the kind of person who laughed when there were people planning to throw planes into the world trade center, then after it happened you still laughed. It is kind of why cyber security is in the same sorry ass state as mainland

Re: [Full-disclosure] Tool Release - Tor Blocker

Salut, On Sat, 2006-06-03 at 00:21 -0400, Jason Areff wrote: > It has come to our attention that the majority of tor users are not > actually from china but are rather malicious hackers that (ab)use it > to keep their anonymity. At this point, I would like to ask you not to use this tool in the w

[Full-disclosure] Blackhat USA 2006 - Review , remarks and proposal agenda

the Blackhat agenda for USA 2006 session had just been published : URL The first remark is that this year, Blackhat USA, will be an incredible briefing ! There will be several Zero day announcements. For example: Brendan O'Conn

[Full-disclosure] [SECURITY] [DSA 1088-1] New centericq packages fix arbitrary code execution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1088-1[EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze June 3rd, 2006

[Full-disclosure] full disclosure archive mail-scanning bot

Joined this list recently, and was browsing the archives online. Was wondering that someone not really interested could easily download the compressed archives and use a script to read through and gather email IDs. Simple searching for *_at_*.* (this method is used for displaying IDs at the beginni

[Full-disclosure] [SECURITY] [DSA 1087-1] New PostgreSQL packages fix encoding vulnerabilities

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 1087-1[EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze June 3rd, 2006