[Full-disclosure] RVAsec 2013 CFP Now Open

2012-12-12 Thread Sullo
What: RVAsec 2013 When: May 30 – June 1, 2013 Where: Richmond, Virginia CFP Deadline: February 4th, 2013 at 11:59 PM Eastern Info: http://rvasec.com/ RVAsec is a Richmond, VA based security convention that brings top industry speakers to the midatlantic region. In its first year, RVAsec 2012 att

Re: [Full-disclosure] Google's robots.txt handling

2012-12-12 Thread Patrick Webster
I wouldn't consider this an issue. If Google didn't do this, someone else would have (e.g. my rather old http://www.aushack.com/robanukah/ does it but I never bothered to index the web at large). I believe it was suggested to Shodan and others, so it was only a matter of time. If anything, Google

[Full-disclosure] Network Reconnaissance in IPv6 Networks (errata)

2012-12-12 Thread Fernando Gont
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Folks, (My previous email was referencing the wrong document -- the text below has been fixed as appropriate) We have published a revision of our IETF Internet-Draft entitled "Network Reconnaissance in IPv6 Networks". This document has now been adopt

[Full-disclosure] Network Reconnaissance in IPv6 Networks

2012-12-12 Thread Fernando Gont
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Folks, We have published a revision of our IETF Internet-Draft entitled "Security Implications of IPv6 on IPv4 Networks". This document has now been adopted as a working group item of the IETF opsec working group. The I-D is available at:

[Full-disclosure] [ MDVSA-2012:179 ] cups

2012-12-12 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2012:179 http://www.mandriva.com/security/ _

Re: [Full-disclosure] Google's robots.txt handling

2012-12-12 Thread Christoph Gruber
On 12.12.2012 at 00:23 "Lehman, Jim" wrote: > It is possible to use white listing for robots.txt. Allow what you want > google to index and deny everything else. That way google doesn't make you a > goole dork target and someone browsing to your robots.txt file doesn't glean > any sensitive fi

Re: [Full-disclosure] Removing seless email addresses (on FD list)

2012-12-12 Thread John Cartwright
On Tue, Dec 11, 2012 at 11:58:58PM +0100, Christian Sciberras wrote: > It is quite annoying to have a volley of bounce mail form > non-existent/(re)moved mailboxes. > > Can't we somehow limit this? I recall in other newsgroups software, several > bounced(reply) emails to a periodic (monthly? bimon

Re: [Full-disclosure] Google's robots.txt handling

2012-12-12 Thread Lehman, Jim
It is possible to use white listing for robots.txt. Allow what you want google to index and deny everything else. That way google doesn't make you a goole dork target and someone browsing to your robots.txt file doesn't glean any sensitive files or folders. But this will not stop directory bruti

Re: [Full-disclosure] Removing seless email addresses (on FD list)

2012-12-12 Thread Alan J. Wylie
Christian Sciberras writes: > Can't we somehow limit this? I recall in other newsgroups software, > several bounced(reply) emails to a periodic (monthly? bimonthly?) ping > would automatically retire the email in question (perhaps after a > warning or something such). http://en.wikipedia.org/wik