Re: [Full-disclosure] [botnets] the world of botnets article and wrong numbers

2006-09-15 Thread Dude VanWinkle
On 9/15/06, Richard Golodner [EMAIL PROTECTED] wrote: As we had seen today everybody has an opinion about how the Botnet metrics are computed. I have been reading Gadi's post for many years now and believe he is a very knowledgeable and competent person. Give the guy a break, he has

Re: [Full-disclosure] [botnets] the world of botnets article and wrong numbers

2006-09-15 Thread Georgi Guninski
what about the inverted question: how much of the internet connected computers are *not* part of botnets? since exact numbers are hard to prove, the ratio BOTNETTED/NONBOTNETTED seems easier to be found. -- j EOM ___ Full-Disclosure

[Full-disclosure] [ GLSA 200609-11 ] BIND: Denial of Service

2006-09-15 Thread Raphael Marichez
Gentoo Linux Security Advisory GLSA 200609-11 http://security.gentoo.org/

[Full-disclosure] 0day IE6? ActiveX COM

2006-09-15 Thread Tyop Tyip
Does someone have more information about a 0day on ActiveX? Here are my links: http://www.milw0rm.com/exploits/2358 http://blogs.securiteam.com/index.php/archives/600 http://www.xsec.org/ -- Tyop?

Re: [Full-disclosure] 0day IE6? ActiveX COM

2006-09-15 Thread Juha-Matti Laurio
SANS ISC: http://isc.sans.org/diary.php?storyid=1701 MS Security Advisory #925444: http://www.microsoft.com/technet/security/advisory/925444.mspx CVE-2006-4777: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4777 Several Critical Risk security advisories (Extremely Critical SA21910,

Re: [Full-disclosure] AFS - The Ultimate Sulution? -- What is the point?

2006-09-15 Thread マグロ原子
In-Reply-To: [EMAIL PROTECTED] I don't really see the point... Possible vulnerabilities (if I didn't horribly misunderstand something): *The AFS server would still need to be updated to keep it secure. *If the imaged OS is rootable: **The AFS clients that load the images could be replaced by

[Full-disclosure] It would be great if you could reply to messages without starting a new thread... (Was: 0day IE6? ActiveX COM)

2006-09-15 Thread マグロ原子
In-Reply-To: [EMAIL PROTECTED] Would that be possible? Kind regards... Nyoro~n ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Gmail phishing attacks

2006-09-15 Thread Peter Dawson
A clever exploit in a little known Google service could be used to launch phishing attacks, by imitating Google services -- hosted on Google's own servers !! more details here http://ericfarraro.com/?p=6

[Full-disclosure] rPSA-2006-0169-1 firefox thunderbird

2006-09-15 Thread rPath Update Announcements
rPath Security Advisory: 2006-0169-1 Published: 2006-09-15 Products: rPath Linux 1 Rating: Severe Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: firefox=/[EMAIL PROTECTED]:devel//1/1.5.0.7-0.1-1 thunderbird=/[EMAIL

[Full-disclosure] What is Google Binary Search and Should We Fear it?

2006-09-15 Thread Michael Sutton
When Websense went on record (http://www.pcworld.com/article/id,126371-page,1/article.html) stating that they were using an undocumented Google search feature to identify malcode samples, it garnered a fair bit of media attention. A couple of weeks later when HD Moore released code for his Malware

[Full-disclosure] ASP Auditor Beta 2 Released

2006-09-15 Thread David Kierznowski
ASP Auditor v2 BETA Author david.kierznowski_at_gmail.com http://michaeldaw.org Purpose: Look for common misconfigurations and information leaks in ASP.NET applications. This tool is based on H D Moore's Dot Net Application Scanner Author: H D Moore URL:

Re: [Full-disclosure] Linux kernel source archive vulnerable

2006-09-15 Thread Schanulleke
Chris Umphress wrote: That assumes a proper umask. The kernel source should not depend on the end user's umask being setup properly. Is it the kernel developers' fault if your umask is extremely lax for a normal user? If it is lax, security of the kernel source isn't your only problem

[Full-disclosure] [SECURITY] [DSA 1177-1] New usermin packages fix denial of service

2006-09-15 Thread Martin Schulze
Debian Security Advisory DSA 1177-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze September 15th, 2006

Re: [Full-disclosure] AFS - The Ultimate Sulution? -- What is the point?

2006-09-15 Thread Dean Pierce
There is the convenience issue of the speed that the image transfers across the network. There is also the issue that infected workstations may be collecting passwords. My suggestion would be to use the harddrives in the workstation to store the boot images, and have the minimal operating system

[Full-disclosure] AttackAPI (0.7)

2006-09-15 Thread pdp (architect)
http://www.gnucitizen.org/projects/attackapi/ Client Enumeration Server Enumeration AuthorizationForcer ExtensionScanner HistoryDumper NetworkSweeper PortScanner Utils JavaScriptShell UsernameScanner URLScanner Base64Encoder + RequestBuilder Now it can compose requests, fetch text and binary

Re: [Full-disclosure] tar alternative

2006-09-15 Thread Aaron Gray
Tim wrote: Don't. Untar. Archives. As. Root. It's that simple. Or are you also going to complain about the fact that there are tar versions out there that don't strip a leading / from the archive? Much fun can be had when you carelessly extract as root, then. Hello, Sorry

[Full-disclosure] Info about HTA file [spam or malware ?]

2006-09-15 Thread Dev Anand
Hi All, Well two days back we received an email from [EMAIL PROTECTED] with a username and password and a .hta attachment called mail.zip which contained a hta file. This attachment contains a zip file with name mail.zip and size of *2020 bytes* and MD5sum of