that when we said backup in case of cut lines, we really
meant it.
--
Vincent ARCHER
[EMAIL PROTECTED]
Tel : +33 (0)1 40 07 47 14
Fax : +33 (0)1 40 07 47 27
Deny All - 23, rue Notre Dame des Victoires - 75002 Paris - France
___
Full-Disclosure - We believe
that, there is an explicit statement [2] that forbids
recording contents or data related to the visited web pages.
Yes, because that is considered wiretapping, which requires a judge
to determine if you have enough cause to warrant the breach of
privacy involved.
--
Vincent ARCHER
[EMAIL PROTECTED]
Tel : +33 (0)1
enforce passphrases
on those keys. You can unknowingly lower your security by moving to a
key-based login, because some people who would type a password to log-in
will not bother securing their passphrases if they are forced to use a
private key.
--
Vincent ARCHER
[EMAIL PROTECTED]
Tel : +33 (0)1
the proved state by introducing external
unvalidated states, and you're back to square one.
Being able to validate the integrity of a system requires *at least* the
entire potential system, which is why systems in general cannot
self-prove: they require more than themselves.
--
Vincent ARCHER
[EMAIL
approach of erasing
the state of the system after use, and rolling it back to a proven
safe and stable one.
--
Vincent ARCHER
[EMAIL PROTECTED]
Tel : +33 (0)1 40 07 47 14
Fax : +33 (0)1 40 07 47 27
Deny All - 23, rue Notre Dame des Victoires - 75002 Paris - France
programmer that apache
is in fault here. Apache should have done the expected work, and
validated that the request was standards-compliant. It didn't, and that
opens up a huge chasm in which plenty of problems, vulnerabilities and
others, may hide.
--
Vincent ARCHER
[EMAIL PROTECTED]
Tel : +33 (0)1 40 07
where the Microsoft momentum can falter.
That, or major blunders. Microsoft has enough resources to survive most
of anything... but you can survive as the number 2 or 3, or #5 guy on
the market. Survival is not dominance.
--
Vincent ARCHER
[EMAIL PROTECTED]
Tel : +33 (0)1 40 07 47 14
Fax : +33
ago, I think).
Anyone else running Solaris?
We do, and we confirm. The info is spreading like wildfire, and justifiably
so - I thought this bug category (-fuser) was squashed last with AIX over
10 years ago.
--
Vincent ARCHER
[EMAIL PROTECTED]
Tel : +33 (0)1 40 07 47 14
Fax : +33 (0)1 40 07 47
the attacking URL comes from. So, if you're investigating the
hack, you have no data; you need to get Google to cooperate with you,
so they can find where the URL came from, and then investigate from
there.
That adds Google as an additional cut-out and delays any investigation.
--
Vincent ARCHER
[EMAIL
, and
default to it when unable to fetch the profile - I'm sure the sysadmins
added fancy tricks to destroy any local profile once you've logged out,
and the building of the account profile when you log in for the first
time is where the drop to admin happens.
--
Vincent ARCHER
[EMAIL PROTECTED]
Tel : +33
the ssldump utility ( http://www.rtfm.com/ssldump/ )
to decrypt a tcpdump capture of the SSL traffic.
Ettercap looks like it has the ssldump feature integrated, but, again, you
do need to have the SSL key of the server to decipher the session.
--
Vincent ARCHER
[EMAIL PROTECTED]
Tel : +33 (0)1
).
And that's almost as dangerous to american interests as NSA being
unable to spy on them.
--
Vincent Archer Email: [EMAIL PROTECTED]
All men are mortal. Socrates was mortal. Therefore, all men are Socrates
on the exam and put the book away. We were given 6 hours
*
He scored 92 on the practice in the book. Then took the real exam.
--
Vincent ARCHER
[EMAIL PROTECTED]
Tel : +33 (0)1 40 07 49 96
Fax : +33 (0)1 40 07 47 27
Deny All - 23, rue Notre Dame des Victoires - 75002 Paris - France
On Sat, Dec 03, 2005 at 01:47:10AM +0530, Debasis Mohanty wrote:
Another funny statement is - Please rename your file to filename.zzp and
resend to ensure delivery.
Works fine. The virus will not act on this suggestion, while a real user
will see it and resubmit a new attachment.
--
Vincent
the non-GPL
version of Nessus. That's what Arnaud points out: there is very very few
parts of Nessus that were contributed by the outside community. Once those
parts are gone, Nessus 3.0 can go on, even if it shares 95% of its code
with the GPL Nessus 2.2.5 initially.
--
Vincent ARCHER
[EMAIL
directly to the server, without any alteration to content, connection and
timing, and sometimes this assumption fails. If that's the case, you're
out of luck.
--
Vincent ARCHER
[EMAIL PROTECTED]
Tel : +33 (0)1 40 07 47 14
Fax : +33 (0)1 40 07 47 27
Deny All - 23, rue Notre Dame des Victoires
of the security mailing lists I'm subscribed to.
So, be patient. You'll have your fill quickly.
--
Vincent ARCHER
[EMAIL PROTECTED]
Tel : +33 (0)1 40 07 47 14
Fax : +33 (0)1 40 07 47 27
Deny All - 23, rue Notre Dame des Victoires - 75002 Paris - France
:
ubiquitous law enforcement
(Vinge, being moderately libertarian, of course views that as The Ultimate
Evil)
--
Vincent ARCHER
[EMAIL PROTECTED]
Tel : +33 (0)1 40 07 47 14
Fax : +33 (0)1 40 07 47 27
Attention !!! A compter du 29 mars, Deny All change d'adresse :
23 rue Notre-Dame des Victoires
it or supplement it).
Reverse engineering and publishing your findings is not automatic. That's
where consumer protection laws start to interfere with IP, and that's
where lawyers start earning their fees.
At least, it's not DMCA.
--
Vincent ARCHER
[EMAIL PROTECTED]
Tel : +33 (0)1 40 07 47 14
19 matches
Mail list logo