-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVA-2009:027
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:044
http://www.mandriva.com/security/
On Thu, Feb 19, 2009 at 7:15 PM, simon_lists wrote:
> Joshua,
>I understand why you wrote what you did but you're wrong. Let me
> explain...
>
>Today the security industry is a confused and immature place. Most
> vendors offer half assed services that sell for half assed prices.
On Thu, 19 Feb 2009 23:38:37 EST, T Biehn said:
> God Valdis,
> Dont concentrate on the mundane, the core issue is the unpredictable
nature
> of it.
> You have them all coordinate reading the news at 12:00 AM GMT.
> You build some silly algorithm that ensures they pick the right article.
Right, s
Valdis.
No.
There's nothing complicated about it - it's dead simple.
Who needs a botnet available 24/7?
The registrars are all down at the same time?
Why does it have to be domains?
Perhaps the bots pick a range of IPs to scan based on the news... any bots
with IPs falling into this range become C&
Hi Loki
On Feb 20, 2009, at 9:24 AM, Smoking Gun wrote:
> On Thu, Feb 19, 2009 at 7:15 PM, simon_lists
> wrote:
>
>> Joshua,
>> I understand why you wrote what you did but you're wrong. Let
>> me
>> explain...
>>
>> Today the security industry is a confused and immature
>> pla
On Fri, Feb 20, 2009 at 9:44 AM, Adriel T. Desautels
wrote:
> Hi Loki
>
This would be the second time I ask you publicly, is that all you have to offer?
Surely you or Simon can come together and offer a meaningful response to
my previous post. For those in the United States, you have the show Gho
Webshag 1.10 has been released! This new version provides several
feature enhancements as well as some bug-fixes.
For those who don't know it, webshag is a free, multi-threaded,
multi-platform web server audit tool. Written in Python, it gathers
commonly useful functionalities for web server audit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:046
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yo Travis!
On Thu, 19 Feb 2009, T Biehn wrote:
> You know how the current amateur botnet offerings are basing domain lists
> off the current time to allow the 'good guys' to prepare?
>
> Why not base the seed off something like a news RSS feed?
Or h
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:045
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:047
http://www.mandriva.com/security/
Yeah man you get the point.
Even if they do reverse it, you can digitally sign each of the commands, so
if a bot hunter even got the balls to 'break the law' and send the rm
command they'd fail.
It's about eliminating their lead time, right now they can just put controls
in with registrars to dis
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:048
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:049
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:050
http://www.mandriva.com/security/
16 matches
Mail list logo