> i am curious if the congestion / outages to some of asia / middle east
> have had any perceptible impact on bot nets or spam level...
Might be to soon to tell, but the graph on mwcollect.org looks like it
might correlate ;)
___
Full-Disclosure - We
Maybe I'm going about this wrong?
I suspect if you figured out a way to downgrade a handful of
bond/investment companies we might be eating squirrel meat in the local
park come spring ;)
___
Full-Disclosure - We believe in it.
Charter: http://lists.gr
> One planned for Egypt-France is 8 pair, each pair doing 128 lambdas
> at 10Gbit per lambda. Do the math.
That's a lot of retards
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsor
Several months ago I blathered about this topic, and the following
incident backs some of my previous assertions:
http://www.guardian.co.uk/technology/2008/jan/31/internet.blackout.asia
And a quip from the article that just tickles me pink: "...The outage,
which is being blamed on a fault in a
> lol, since when did this become legal and open. Seems like world is
> improving for the betterment.haha
>> On a more serious note, how do you reach a contractual agreement with
>> the purchaser before the transfer of money and code?
>> Let us know on-list, perhaps we can st
> Dismantling Chanology infrastructure
Yes n3td3v, let us know how you manage to dismantle Usenet while you're
at it.
You gonna stakeout people's phones for UUCP too if we get that desperate?
___
Full-Disclosure - We believe in it.
Charter: http://lis
> Is there any of a more.. technical group amongst the Anon? If so
> where? #xenu and #insurgency aren't what I was looking for. Thought
> it'd be apropriate to ask
You have to find people and fork your own channel/query for the more
hardcore stuff. There's a lot of skiddies and a lot of noise.
There have been counter-attacks by other groups and the Church Of
Scientology itself. However, there are plenty of mirrors up.
The main one is: http://partyvan.info.nyud.net/index.php/Project_Chanology
No one said this would be easy ;) But the battle rages.
http://digg.com/political_opinion/Be
Kudos to whoever is behind www.partyvan.info/index.php/Project_Chanology
- that is simply marvelous.
Where is your Xenu now, Tom?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsore
One more device arrived, a Lantronix MSS485-T, an interesting and what
would appear to be older piece - it also supports IPX and LAT:
http://www.lantronix.com/device-networking/external-device-servers/mss485-t.html
All kinds of ports open on this thing according to nmap, but a little
odd... onl
> An organized SCADA pen testing web presence would be extremely cool.
> ...
> What do you think? Do you think some sort of a forum/wiki would be a
> good medium to start with?
To some extent, yes, but considering that I do not respect intellectual
property laws of any kind, I just don't see h
The Phoenix Contact 'FL IL 24 BK-PAC' arrived the other day. It is a
wonderfully German piece of DIN rail
(http://www3.telus.net/public/dt0116/items/dinrails.jpg) gear:
http://eshop.phoenixcontact.com/phoenix/images/productimages/large/20260_1000_int_04.jpg
http://eshop.phoenixcontact.com/phoeni
Anyone one done any poking around with DNP3, ICCP, OPC, Ethernet/IP, etc.?
OK, some more results are in.
> - i.Board i.CanDoIt embedded webserver
> (http://www.csimn.com/CSI_pages/iboard.html) which is built similar to
> the Kohler in that it uses an embedded ethernet module, but this time
> from
> That is certainly
> some rather odd behaviour... The fact that the other ports remained
> makes it likely an application (modbus) problem.
Yes, I thought it was interesting. I really wish I didn't fry the thing
as I'd like to have eliminated the possibility it was something funny on
my end.
> http://www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf.
> For example: http://www.modbus.pl/download/zxy66/v19/modbus_perl_client.zip
Thank you for the links.
I like the following: http://www.modbusdriver.com/modpoll.html
"modpoll is a command line based Modbus master simulator and t
OK, having done some digging a decent little chunk of industrial
automation gear has started coming my way; 1 of 6 pieces. All totaled,
roughly under $1000. Small standalone stuff for now; the shipping on
populated PLC chassis like SLC-500 stuff is problematic.
If people have specific technical
I have been doing some thinking, and it seems to me upon surveying the
'scene' (excluding the profiteering criminal element) that too many
people resemble anti-globalization protesters. I do not mean that in a
positive way; I'm talking about the fools who smash the windows of small
businesses in th
> if this happened all FD members would go broke because they are kiddies
> who rely on automated tools for everything
While this may be true, it doesn't mean that they couldn't be a useful
resource.
If you're a script kiddie and you have no money, maybe you have access
to devices that others do
..it would be a nice touch if everyone sent a few dollars to the
projects or authors of the security tools they use. I have donated a bit
already to some of my favourites, but I'm only one person. Alot of folks
have worked hard to bring us some good shit, let's give a little back.
In fact, let's gi
I took the beta of BackTrack3
(http://www.offensive-security.com/bt3b141207.rar.torrent) for a spin
last night and was very impressed.
I have not looked into the anonymizing features, or if there are any
stego tools in it (a man has to sleep sometime) but given the design
those ought to be simple
> if they've got a whitelist for UDP 53 you can openvpn out nicely. i
> get hit or miss success with this; most national hotspot services use
> a DNS proxy for UDP 53 traffic, so you can try OzyManDNS and bask in
> the gratuitous inefficiency of your side channel transport... :)
> sadly, ICMP tunn
> Because what you espouse would result in general lawlessness, a situation
> that
> is worse for the common good than what we have now.
>
That is both an arguable and accurate description of one of my goals.
> More specifically, the impact on captive portals would be an escalating arms
> ra
> Even easier than running a
> special tool is to just setup SSHD or a proxy to listen on TCP 53. You
> can then tunnel out and do as you please without authenticating to the
> captive portal.
Not everyone has access to something listening on 53 that is ready to be
tunneled to. Nor is everyone
If there were an easy to use (gold standard == nmap) and robust tool
capable of bypassing all commonly used captive portals, that would make
for a great 'mischief enabler'.
Some googled links for the lazy lurkers...
http://en.wikipedia.org/wiki/Captive_portal
http://www.eusecwest.com/esw06/esw06-b
>> Yes, I suppose that assertion would be better served by backing it up
>> with some information..
>
> http://www.freehaven.net/anonbib/
> http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ
Thank you for the information.
>> Having seen good crypto ruined by lousy implementations, I thought i
>> So I guess CIA -> CSIS, FBI -> RCMP, and NSA -> CSE/GCHQ/DSD/GCSB. The
>> last bit being the standard bunch of Echelon sons-of-bitches. Those lads
>> must have some fat pipes. Now are they hidden, or hidden in plain sight?
>
> Not that fat, as Tor is usually quite slow.
Well, I would assume th
So I guess CIA -> CSIS, FBI -> RCMP, and NSA -> CSE/GCHQ/DSD/GCSB. The
last bit being the standard bunch of Echelon sons-of-bitches. Those lads
must have some fat pipes. Now are they hidden, or hidden in plain sight?
In any case, it is a certainty than that some law enforcement agencies
are runnin
>> Really, how much trouble could we get in if we posted up a list of
>> street addresses, each address being a building that contained
>> significant telco and/or routing infrastructure?
>
> try it, it's amusing. remember the all the photogs getting hassled by the
> man for merely taking picture
I. D. wrote:
> Datapac? In my experience, there aren't many things left there... of
> course, I don't work in that industry. I thought most transactions/work
> took places on other Canadian packet-switched networks. As for south of
> the border, I know even less.
Well it's been 20 years since I pl
Been giving myself a little refresher on SCADA, hope no-one minds the MLP.
Stock presentation on SCADA security issues:
http://www.blackhat.com/presentations/bh-federal-06/BH-Fed-06-Maynor-Graham-up.pdf
Ganesh Devarajan's Defcon presentation was interesting:
http://video.google.com/videoplay?d
> (in telco land, one SONET span over aerial transport and the other buried
> plant is considered sufficient "path diversity/redundancy". never mind that
> the same right of way is used...)
Ah yes, I remember an old story not too dissimilar... multiple redundant
lines, all severed at the same tim
Forgot to tack these onto the last post. The wikipedia entry
http://en.wikipedia.org/wiki/Submarine_communications_cable has some
amusing links in it's reference section:
http://www.telegeography.com/products/map_cable/images/sub_cable_2007_large.jpg
http://www1.alcatel-lucent.com/submarine/refs/W
> translation: let's discuss how to discern high degree and/or vulnerable
> nodes in critical infrastructure networks.
Correct.
>> 1. To bring like minded people together while operating under the
>> strategy of 'leaderless resistance'
>> (http://en.wikipedia.org/wiki/Leaderless_resistance)
>
> *
I think it'd be interesting if we started a discussion on the selection
of high value targets to be used in the staging of attacks that damage
significant infrastructure. The end goals, ranked equal in importance,
would be as follows:
1. To bring like minded people together while operating under t
34 matches
Mail list logo
