Re: [Full-disclosure] NIPS/NIDS products: HTML evasions

2010-11-21 Thread OTB
On 11/19/2010 11:50 AM, Uma Mahesh Venkata wrote:
> While buying any NIPS/NIDS product, what kind of HTML-evasions we should
> look from product?

All of them, naturally.

___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-dis

Re: [Full-disclosure] WikiLeaks

2010-10-08 Thread OTB
Christian Sciberras wrote:
> Want a piece of my mind? Read Schneier article on "the 'SCADA' virus"...
>
> Cheers, Chris.

Wait. You wrote that article? I always figured Schneier had ghostwriters.

Re: [Full-disclosure] Dumb question: Is Windows box behind a router safe ?

2009-09-22 Thread OTB
Steve really needs to ask himself, if all his pop does is run Firefox and email, why he's running Windows on that machine at all? Not safer per se, but a less meaty target. Still needs a nightly auto-update, though. Also, (hi, John) filtering egress is pretty well moot on $home_router, most connec

Re: [Full-disclosure] [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)

2009-05-28 Thread OTB
Sure, you say that now, but wait until I maliciously entice you to click on my BROWSER-HANGING SVG OF DEATH!!!

Chris Evans wrote:
> On Wed, May 27, 2009 at 12:03 PM, Thierry Zoller
> wrote:
> > Hi Michal,
> > Yep, positive, welcome to the world of rediscovery

[Full-disclosure] OwnTheBox @ DC16: Pwning for dollars

2008-07-15 Thread OTB
OwnTheBox, now in year 0x01, continues its hallowed tradition of creating temporary autonomous zones comprised of random people asking to be haxored to test their defensive Kung Fu. We're a defender contest, of sorts, which means the following:

* Contestants bring a server, running some hardene