something else. The 'double' sentence will make people think
before not giving the key.
phil
-Message d'origine-
De : full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] De la part de Tim
Envoyé : 12 juillet 2011 19:23
À : Thor
Is it only me, but the iDRAC6 from Dell is kinda insecure. The default
username and password is always root / calvin. (I configured a lot of Dell
server from like R610 to NX3000 and they all share that default password)
On the other hand, hp iLO got hardcoded password that change from each
ser
Quoting "Dobbins, Roland" :
> On May 12, 2011, at 12:20 AM, phil wrote:
>
>> (and I add that on private IOS like on sonicwall, it make it hard
>> to hit with a 0day vuln)
>
> Everyone/everything has vulnerabilities of one sort or another:
>
> <h
Quoting phocean <0...@phocean.net>:
>
> Can you develop? I still don't see how the hell the typical web server
> will handle as much traffic as one of these Checkpoint, Cisco or
> whatever monsters.
>
>>
I agree, it just leverage the load to another dedicated hardware, thus
your web server wil
De : full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] De la part de
n...@myproxylists.com
Envoyé : 3 mai 2011 18:33
À : full-disclosure@lists.grok.org.uk
Objet : [Full-disclosure] Facebook
Julian Assagne said:
...
Facebook in particular is the
ey sent that policy to everyone. Kinda a security
issue just there, the computer name is just not important. who care
your computer name when netbios traffic stay local on your lan. (ex,
your co-worker must already know your name, i hope so)
-phil
__
ct behind the tool, as it's the only way your
tool will get updated ?
phil
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
to my friends:I'm never one to recommend a service unless its really
something phenomenal but I have been taking this stuff that my doctor
recommended for fat loss and I've lost 8 pounds in a week. Two of my
friends who just began using it also lost seven pounds each.
http://minnitrim.com P.S. that
is not there for that.
-phil
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Its too easy to update server OS, thats the problem for why everyone just
talk about server OS.
Like for cisco gear, the client need to know that hes unsecure and he need
someone registered on cisco web site in its IT team to have access to the
patch... For hp gear I updated you need a tftp or
and to remove existing bug.
Thats why IMO for that disclosure. (to put the focust on that code part)
-phil
> --On December 14, 2010 8:40:14 PM -0500 b...@fbi.dhs.org wrote:
>
>> Hi,
>>
>> Has anyone read this yet?
>>
>> http://www.downspout.org/?q=node/3
>
if the computer got a local
mssql with mixed mode authentification. Does the trick permit the login to
the database if you installed it with a domain user, that is cached on the
computer? (But who care, as the local admin can just copy the data dir
anyway)
My .02 cent
-phil
> Correct me
> Vendor Notified: December 7, 2010
> Vendor Fixed: N/A
> Vendor Dismissed: December 9, 2010
"Law #6: A computer is only as secure as the administrator is trustworthy"
http://technet.microsoft.com/en-us/library/cc722487.aspx#EFAA
___
Full-Disclo
Hi there,
I found a small vulnerability. Don't flame me, as I have no idea if that
vulnerability is exploitable or not. I just wanted to share it (with my poor
english).
If it's not exploitable, then at least it's a cool bug to make a joke on
your coding team on a Monday morning. As nobody will
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/26/2010 03:55 PM, Mikhail A. Utin wrote:
> Folks,
> We are looking an enterprise level AV-software to replace our current AVG
> having in our eyes poor detection and removal capability. Reviews bring
> really mixed results as "nothin's perfect"
Uh, the date is at the top of the linked article. I think he's trying
to say this is old news. Which it is.
On Mon, Nov 17, 2008 at 2:39 PM, <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Dearest Juha-Matti Laurio,
>
> Could you please point the community to you
wishing to take advantage of randomized UDP source ports should check
their
configuration file to ensure they have not specified fixed query-source
ports."
Cheers,
Phil
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Chandrashekhar B
Sent: 10 Jul
And the mozilla bugzilla numer is?
--
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
> Of carl hardwick
> Sent: 15 February 2008 11:02
> To: full-disclosure
And the Mozilla bugzilla number is?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Juha-Matti Laurio
Sent: 01 December 2007 15:25
To: carl hardwick; full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Firefox 2.0.0.11 File Focus Stealing
v
h installs of malware via banner ads.
Cheers,
Phil
--
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
> Of monikerd
> Sent: 11 September 2007 15:59
> To: [EMAIL PROT
It *was* a social experiment. It was reported on Slashdot about 3 days ago.
Here's the explanation/summary from the guy who set up eon8:
http://silvrlabs.com/deployed21b.php.html
On 7/4/06, Javor Ninov <[EMAIL PROTECTED]> wrote:
And this 0day comes from n3td3v :-))
Actualy this looks like s
I think your tinfoil hat is loose. Thanks for the laugh.
On 7/1/06, n3td3v <[EMAIL PROTECTED]> wrote:
On 7/1/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> On Fri, 30 Jun 2006 23:30:08 BST, n3td3v said:
> > They replace a website with the USSS logo., like what happened in the
> > case of th
That doesn't look like an official GriSoft site. In fact the domain
it redirects to is not owned by GriSoft (nor is there a link the
official site). See the following whois lookup at www.nic.uk:
http://195.66.240.211/cgi-bin/whois.cgi?query=grisoft.co.uk&WHOIS+Submit.x=21&WHOIS+Submit.y=11
It'
virus found
VBA32 3.10.4 09.12.2005 MalwareScope.Trojan-Spy.Banker.43
Cheers,
Phil
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
> Of Pedro Hugo
> Sent: 13
itted it to McAfee's http://www.webimmune.net and
http://malwareupload.com
Cheers,
Phil
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
> Of Pedro Hugo
> Sent:
t the perimeter is that when your server or
desktop antivirus starts screaming, you know that the infection has come
via user action or infected PCs being connected to your internal
network.
Cheers,
Phil
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
> -Original
It's worth submitting it to http://virusscan.jotti.org as
well.
Cheers,
Phil
----Phil RandalNetwork EngineerHerefordshire
CouncilHereford, UK
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dan
BambachSent: 09 August 2005 16:34To:
full-discl
See http://www.mckeay.net/secure/archives/000422.html
An email to [EMAIL PROTECTED] should do the trick.
Cheers,
Phil
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
28 matches
Mail list logo