What is always required is a machine where the user has the ability to write
packets to the network with any IP. This usually means super user access.
It is difficult in most cases to send udp packets with forged IP since
routers will not accept them. That is why it is difficult to
Soo y'all know not to click on those emails from your bank, or from
any other bank, in your inbox and now you just delete them ... why
not automate this process? It's easy, just filter a whole bunch of
banking names straight to your deleted items.
All you do is create a rule for each bank,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1620-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
July 27, 2008
And yet some banks do, in fact, send real emails to their clients ...
Sent from my Verizon Wireless BlackBerry
-Original Message-
From: lsi [EMAIL PROTECTED]
Date: Sun, 27 Jul 2008 14:10:38
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] simple phishing fix
Soo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1619-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Devin Carraway
July 27, 2008
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE requests can be sent to [EMAIL PROTECTED] or to me directly. My PGP
key is below, or accessible from the MIT public key server.
Alternately, you can request them from Candidate Numbering Authorities
(CNAs) which include the security teams at Red
On Sat, Jul 26, 2008 at 01:08:25PM -0400, Steven M. Christey wrote:
The amount of information you need to provide can vary and is somewhat
negotiable. We need to be sure how many CVEs to assign.
lol.
this is the lamest way to social engineer 0days i have ever seen!
even people begging
isn't the point of tech journalists to blog about stuff they dont understand
to scare/awe clueless people and give informed people material to laugh at?
If this is true Nate McFeters should be getting tech journalists awards and
hall of fame.
On Fri, Jul 25, 2008 at 1:37 PM, Fredrick Diggle
1% per hour for each target. Lots of targets.
The need for something more like ssl certs in there remains. (Also needed for
bgp I suspect). By extension, some web of trust variation of CERTs would
make much of this easier for those not interested in or able to pay for
certs from commercial
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2008:155-1
http://www.mandriva.com/security/
On Sat, 26 Jul 2008 23:19:53 +0100 n3td3v [EMAIL PROTECTED]
wrote:
On Sat, Jul 26, 2008 at 11:10 PM, Paul Schmehl
[EMAIL PROTECTED] wrote:
there *is* such a thing as criminal negligence.)
Could we not charge HD Moore and I)ruid with this?
All the best,
n3td3v
Stop trying to stifle the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1621-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
July 27, 2008
Wow, you our are savior.. no, no our e-Hero! Forget patches for software
bugs.. This guy can teach us how to set up a mail filter!!
Seriously dude.. do you think we care about, or are too inept to set up mail
filter rules? Go find another list to contribute to, you are a joke.
I thought Francis E Dec died...
On Sat, Jul 26, 2008 at 7:04 AM, n3td3v [EMAIL PROTECTED] wrote:
On Sat, Jul 26, 2008 at 6:02 AM, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Instead of criticizing someone for releasing an exploit (which is a bit like
criticizing a cow for making milk) direct
14 matches
Mail list logo