From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Andre Ludwig
rant
I nominate this thread most useless thread EVAR!
With that being said, can you guys please move on, and repeat
after me. CERTS MEAN NOTHING!
Unless you are trying to get a job and the only thing the
I believe F-Prot found that 10% of transmissions by this virus do not
include the attachment, not due to a broken variant but just doto the
coding, and my apologies if I'm not attributing credit properly, I'm
tired and there's been a lot of e-mail. I cann definitivey say I
learned this from
Paul.
Are you sure that this is true? I know there was an autoexecution
concern with MiMail, for general unzip, but was wrong to begin with with
respect to that but even the initial post found it was not a concern
with the XP unzipping functionality. I have never seen the XP unzip
cause
On August 20, 7:09 am Steve Bremer [EMAIL PROTECTED] wrote:
line). But it seems to be broken in other areas, I think I'm getting
We've noticed a few problems with it as well. We've received a few e-
mails with one of the typical Sobig subject lines, only no
attachment. The attachment
!--
This attack may be utilized wherever IE parses HTML,
including web sites, e-mail, newsgroups, and within
applications utilizing web-browsing functionality.
--
W0W !
[harmless .exe]
http://www.malware.com/drew.html
ouch !
--
http://www.malware.com
[Observation stolen from nanog.]
Windows Update uses ActiveX Controls and active scripting to display
content correctly and to determine which updates apply to your computer.
To view and download updates for your computer, your Internet Explorer
security settings must meet the
Yo Paul!
On Wed, 20 Aug 2003, Paul Schmehl wrote:
Now change the word virus to trojan or rootkit, and your defense of
*nix falls apart.
Notice I never used the words UNIX. NT can be run in a trusted manner,
just not with an ethernet card according to the US Gov standards.
Several OS other
On Thu, 21 Aug 2003 11:56:15 +1200, Nick FitzGerald [EMAIL PROTECTED] said:
trouble with it. If your solution to this problem is to sugegst that
some new file transfer mechanism should be devised and implementations
widely distributed, then you will simply move the target of choice for
[Observation stolen from nanog.]
Windows Update uses ActiveX Controls and active scripting to display
content correctly and to determine which updates apply to your
computer.
To view and download updates for your computer, your Internet Explorer
security settings must meet the
From: Drew Copley [EMAIL PROTECTED]
Actually, quite a few don't, some still rely on piggy backing Outlook.
But, yes, this trend should be dissapearing as people upgrade so their
Outlook client will no longer be able to be remote controlled by another
application. (Current versions not only
Hi,
Minor observation; if you want to post samples of virii/trojans/malware,
either as an email attachment or on a website, please put it into a pwd
protected ZIP/RAR/ARJ etc and include the password with your post. You
might even put the password in filename of the attachment
(name-passord?).
-Original Message-
From: Craig Pratt [mailto:[EMAIL PROTECTED]
Sent: Thursday, 21 August 2003 5:52 p.m.
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] Re: Filtering sobig with postfix
You'd better check for a lot more than just .pif files. .scr and
http://www.foxnews.com/story/0,2933,95049,00.html
In the entire history of FirstEnergy, FirstEnergy
spokesman Todd Schneider
said there hasn't been an outage of any system due to
hackers, and that that
the weather in northeastern Ohio did more damage.
In light of this:
[...]
see:
[EMAIL PROTECTED] to me:
trouble with it. If your solution to this problem is to sugegst that
some new file transfer mechanism should be devised and implementations
widely distributed, then you will simply move the target of choice for
the bad guys from SMTP to Paul And Richard's
I did it by setting up DrWeb antivirus software, that works quite nice with
Postfix
(and IMHO is the best FREE antivirus daemon for *nix servers). I turned off
bounce
email notification to the sender of the virus (with this evil virii they
are innocent in
99,9% of cases), so it is already less
Yep, as the OP is using postfix, he could use the
header_checks directive,
which can identify MIME headers, so he can easily stop this worm.
Just check for Content-Disposition header and block
everything with .pif in
filename.
Thought about that, but doesn't quite work. The headers only
[Observation stolen from nanog.]
Windows Update uses ActiveX Controls and active scripting
to display
content correctly and to determine which updates apply to
your computer.
---snip---
What the hell are you people thinking?!
Try configuring the trusted zone in IE, set your
I was told by a few that the HP tandem NonStop servers are the most secure servers ?
i have got myself a box and have been tasksed to do a security review.
Does anyone have any recomdations/idea how i should go abt doing it ?Yahoo! Plus - For a better Internet experience
martin f krafft [EMAIL PROTECTED] wrote:
The problem with virii such as this is not the software but the
wetware - the bewildered enduser who fails to use his machine in
a secure manner responsible to his community.
Only partially right, the other part is bugs in software and
automation
Jason Coombs [EMAIL PROTECTED], whose input is usually
intelligent, considered and well-reasoned, chose to fall from his
pedestal thus:
Curt Purdy opined:
FWIW I disagree with any moderation at all.
The point is, this is a FREE forum, one of the few left in the world.
I agree
What OS do they run?
Everyone knows that all HP issues are only Potential issues thus making
them rock solid. (sarcasm).
-KF
david king wrote:
I was told by a few that the HP tandem NonStop servers are the most
secure servers ?
i have got myself a box and have been tasksed to do a security
On Wed, 2003-08-20 at 16:56, Nick FitzGerald wrote:
2. I suspect that Mr Turing and a his halting problem will intervene
in any attempt to devise a foolproof this message contains an
attachment mechanism. The obvious choice to break any such system is
steganographic encoding of a binary
Hi everyone,
I'm getting warnings that the file jdbgmgr.exe which shows up under properties as a java debugger file (create date 1999) is actually a virus which will shut down your machines in 14 days. The warning states that it copies your address book and sends itself out.
Does anyone have
On Thu, 21 Aug 2003, KF wrote:
What OS do they run?
NonStop Kernel is UNIX based and was developed by Tandem in the 90's
Everyone knows that all HP issues are only Potential issues thus making
them rock solid. (sarcasm).
-KF
david king wrote:
I was told by a few that the HP tandem
http://securityresponse.symantec.com/avcenter/venc/data/jdbgmgr.exe.file.hoa
x.html
http://hoaxbusters.ciac.org/HBMalCode.shtml#jdbgmgr
http://antivirus.about.com/library/hoaxes/blenjdb.htm
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Thanks for the information showing it is a hoax.
Sch4143291
Does anyone have info on this? Is this a hoax?
Try this:
http://www.symantec.com/avcenter/venc/data/jdbgmgr.exe.file.hoax.html
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Well if its a unix based OS I would start with a suid / sgid listing...
as well as checking the listening services...
Shoot me a find / -perm -4000 and a find / -perm -2000 along with a
netstat -a and we can go from there.
If you are willing to give up a shell I'll beat on the suids myself for
It is
a hoax
http://www.symantec.com/avcenter/venc/data/jdbgmgr.exe.file.hoax.html
-Riz
-Original Message-From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]Sent: Thursday, August 21, 2003 11:05
AMTo: [EMAIL PROTECTED]Subject:
[Full-Disclosure] jdbgmgr.exe hoax virus?Hi
On Thu, 21 Aug 2003, KF wrote:
Well if its a unix based OS I would start with a suid / sgid listing...
as well as checking the listening services...
Shoot me a find / -perm -4000 and a find / -perm -2000 along with a
netstat -a and we can go from there.
If you are willing to give up a
What? Did AOL turn off access to Google?
http://www.symantec.com/avcenter/venc/data/jdbgmgr.exe.file.hoax.html
Can we quit with discussions of SoBig, Blaster and other garbage for
awhile please?
-jim
[EMAIL PROTECTED] wrote:
Hi everyone,
I'm getting warnings that the file _jdbgmgr.exe_
See this.
http://vil.nai.com/vil/content/v_99436.htm
[EMAIL PROTECTED] wrote:
Hi everyone,
I'm getting warnings that the file jdbgmgr.exe which shows up
under properties as a java debugger file (create date 1999) is actually
a virus which will shut down your machines in 14 days. The
HOAX! that file really is what it says it is.
check google before ya post, say I.
henry
[EMAIL PROTECTED] wrote:
Hi everyone,
I'm getting warnings that the file jdbgmgr.exe which shows up under
properties as a java debugger file (create date 1999) is actually a virus which
will
On Thu, 21 Aug 2003 11:04:36 EDT
[EMAIL PROTECTED] wrote:
Hi everyone,
I'm getting warnings that the file jdbgmgr.exe which shows up
under
properties as a java debugger file (create date 1999) is actually a
virus which will shut down your machines in 14 days. The warning
Thanks everyone for the info and links. Don't want to take up any more time on Full Disclosure on this. You folks have been great.
Sch4143291
Observations from a Verizon customer (emphasis is mine):
Original Message
Recently switched to Verizon's dsl service. Following experience should be
noted by present and prospective Verizon email users.
Today, after returning from a 2 day weekend away from downloading
This seems closely related to my previous post:
http://slashdot.org/article.pl?sid=03/08/20/221226
---
Hi List,
Has anyone seen this recent so called 'update' for MSN Messenger? This
(full-email follows below) was in my mailbox today but as far as I know
there is no critical update needed
Hello everybody,
Yes, it's a Hoax: http://www.symantec.com/avcenter/venc/data/jdbgmgr.exe.file.hoax.html(for
example)
Regards,
Saturn
S;-D
- Original Message -
From:
[EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, August 21, 2003 5:04
PM
Subject:
we had a honey pot
hit by some canny FTP kiddies using the RPC flaw to load up an FTP server that
ran as a service and also then execute a predifned further attack on some
specific IP's any one else seen this. very similar exploit to nachia "whatever
its called" worm
the attack came from
Here's a useful URL:
www.snopes.com
And a specific:
http://www.snopes.com/computer/virus/jdbgmgr.htm
In short, yes, it's a hoax.
cdv
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, August 21, 2003
Hey folks,
ALL LIST MEMBERS ARE ENCOURAGED TO RESPOND AND MAKE A CHOICE AS TO HOW
THEY WANT THIS BASIC FUNCTION OF THE LIST TO CONTINUE OPERATING.
The subject header is going to change.
This is a survey to see whether people want:
1. To have no subject prefix, that is, we remove
-Original Message-
From: Gary E. Miller [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 20, 2003 5:38 PM
To: Drew Copley
Cc: [EMAIL PROTECTED]
Subject: RE: [Full-Disclosure] Re: Administrivia: Testing
Emergency Virus Filter..
Yo Drew!
On Wed, 20 Aug 2003, Drew Copley
If y'all were using a threaded MUA, we might not get so many nearly
identical answers to the same question... mutt (text), evolution (gui),
sylpheed (gui), mahogany (gui) all run on linux (plus some other
platforms), and all have this ability. Probably others too. Except for
[EMAIL PROTECTED]
-Original Message-
From: Thor Larholm [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 21, 2003 1:32 AM
To: Drew Copley; [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] Re: Administrivia: Testing
Emergency Virus Filter..
From: Drew Copley [EMAIL PROTECTED]
Actually,
On Thu, 21 Aug 2003 14:11:26 BST, =?iso-8859-1?q?david=20king?= [EMAIL PROTECTED]
said:
I was told by a few that the HP tandem NonStop servers are the most secure servers ?
i have got myself a box and have been tasksed to do a security review.
Does anyone have any recomdations/idea how i
Why is the state of Germany trojanizing applications which may be run by
anyone on the planet?
How is it they believe they have a right to trojanize someone outside of
Germany?
This is blatantly illegal in just about every country outside of
Germany. Literally.
Are they trying to set a
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of *Hobbit*
Sent: Wednesday, August 20, 2003 4:08 PM
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] windowsupdate
[Observation stolen from nanog.]
Windows Update uses ActiveX Controls and
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Chris Cappuccio
Sent: Thursday, August 21, 2003 10:43 AM
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] Subject prefix changing! READ
THIS! SURVEY!!
Hey folks,
ALL LIST MEMBERS ARE
Excellent post, thanks for sharing the info.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Michael Scheidell
Sent: Wednesday, August 20, 2003 7:41 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED];
[EMAIL PROTECTED]; [EMAIL
also sprach [EMAIL PROTECTED] [EMAIL PROTECTED] [2003.08.21.1741 +0200]:
Thanks for the information showing it is a hoax.
Why does noone release a virus that uses such a filename. After all,
everyone knows it'll just be a hoax...
--
martin; (greetings from the heart of the sun.)
But this is not the full storysee
http://www.heise.de/newsticker/data/uma-20.08.03-000/ (in german).
In short: While the AN.ON-Projekt was forced to put in the
logging-function, other mixes are not affected. SPLINE
(http://www.spline.de/) for example refuses to implment the logging.
They are
Let it be as it is now
On Thu, 2003-08-21 at 12:43, Chris Cappuccio wrote:
Hey folks,
ALL LIST MEMBERS ARE ENCOURAGED TO RESPOND AND MAKE A CHOICE AS TO HOW
THEY WANT THIS BASIC FUNCTION OF THE LIST TO CONTINUE OPERATING.
The subject header is going to change.
This is a survey to see
i kind of find it shocking that security people are even questioning t
hat its real or a hoax, when simple investigation will reveal its a real
file.
btw, this has been a hoax for aprox 3 years now.
Donnie Werner
http://e2-labs.com
http://exploitlabs.com
-BEGIN PGP SIGNED MESSAGE-Hash:
SHA1
Hello friends!
I have found private ip address used by google
servers. here are thedetails.
make sure you have google toolbar
installed.
1. go to www.showmyip.com2. it will show your ip
address.3. now right click and select Translate Page4.
I agree with the need for the subject to change, but would much prefer
option 2. It makes my life easier ;p.
- Original Message -
From: Chris Cappuccio [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, August 21, 2003 7:43 PM
Subject: [Full-Disclosure] Subject prefix changing! READ
Drew Copley [EMAIL PROTECTED] writes:
Why is the state of Germany trojanizing applications which may be
run by anyone on the planet?
Why is the U.S. government interfering with the publication of
security advisories if the corresponding software is being run
throughout the world?
The German
i have always had an idea but never any place to
try it
i would like people with experience to tell me what
they think of it
assuming a unix / linux operating system as a server
install the services get them configured
...remove all booting hardware except the drive
then change
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Florian Weimer
Sent: Thursday, August 21, 2003 11:39 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: Thomas C. Greene
Subject: [Full-Disclosure] Re: Popular Net anonymity service
back-doored
This is now How do I do a pen-test list? Or is it non-stop dicussion of
useless details about well known issues that nobody (except the 5 posters)
care about list? I'm confused, can someone resend me the list charter?
Moderation isn't desired, but I think this unending flood of crap is even
less
oN tHU, Aug 21, 2003 at 10:43:02AM -0700, Chris Cappuccio wrote:
ALL LIST MEMBERS ARE ENCOURAGED TO RESPOND AND MAKE A CHOICE AS TO HOW
THEY WANT THIS BASIC FUNCTION OF THE LIST TO CONTINUE OPERATING.
This has been covered several times... and we certainly *don't*
want this mail coming to the
My vote goes to choice #1. :]
--
Greetz,
8tImERmailto:[EMAIL PROTECTED]
GPG Key-ID: 0xADD46137
Originaltext:
Am 21.08.2003 um 19:43:02 hast du geschrieben:
Hey folks,
ALL LIST MEMBERS ARE ENCOURAGED TO RESPOND AND MAKE A CHOICE
Len said there needed to be a consensus on the list before he would make
a change, but that it would be nice to change!
John Cartwright [EMAIL PROTECTED] wrote:
oN tHU, Aug 21, 2003 at 10:43:02AM -0700, Chris Cappuccio wrote:
ALL LIST MEMBERS ARE ENCOURAGED TO RESPOND AND MAKE A CHOICE AS TO
Title: RE: [Full-Disclosure] Idea
to configure or modify things one would have to
install boot hardware and then use other boot media
containing a shell
Or just exploit a vulnerability in the system. Which you have made very hard to upgrade or patch.
Doesn't sound like much of an
On 22/08/03 at 00:40, Gaurav Kumar ([EMAIL PROTECTED]) wrote :
Hello friends!
I have found private ip address used by google servers. here are the
details.
[...]
This 10.7.0.73 is google private ip address.
Ouah !
Exciting !
--
Nicolas Cartron
[EMAIL PROTECTED]
Date: Thu, 21 Aug 2003 10:43:02 -0700
From: Chris Cappuccio [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] Subject prefix changing! READ THIS! SURVEY!!
Hey folks,
ALL LIST MEMBERS ARE ENCOURAGED TO RESPOND AND MAKE A CHOICE AS TO HOW
THEY WANT THIS BASIC FUNCTION OF
Hi,
Yes You have right, we've got a lot of response after the publication, and
we know that title should be different
(if You read the paper there is an section The Topic Problem bla bla), yes
like You said m$ is not guilty for that, only
software (many many device drivers are vulnerable to this
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Friday, 22 August 2003 12:06 a.m.
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: AW: [Full-Disclosure] Re: Filtering sobig with postfix
Yep, as the OP is using
Hi all,
I totally agree on that.
And by the way you should think about two things:
1) The site they're logging provides illegal content. AFAIK it's
child-pornography. As long as I can be sure that only sites with
illegal content get logged I can trust that service.
2) If they had resisted, the
#2 or #3. How are we supposed to filter emails in our inbox w/o it??
-Original Message-
From: 8tImER [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 21, 2003 4:02 PM
To: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] Subject prefix changing! READ THIS!
SURVEY!!
My vote goes to
Nick FitzGerald came to his senses and removed me from the pedestal he had
placed me on, and then launched into a well-written barrage of fact, beginning
thus:
I agree completely. The sobig spam is valuable -- it shows us who we
should not trust to operate a computer.
_If_ you know what to take
also sprach Nicolas Cartron [EMAIL PROTECTED] [2003.08.21.2223 +0200]:
This 10.7.0.73 is google private ip address.
Ouah !
Exciting !
Yeah, especially because google is served by a single server. and
no, i doubt they employ virtual IP load balancing.
--
martin; (greetings
Title: Message
Excuse
my ignorance, but what's the point of this?
If you
read that page, you'll see that they use proxy.google.com, which adds
X-Forwarded-For header, so that's how you got internal IP address, but I don't
really see any use of this.
So
what, everyone knows they are using
El Jue 21 Ago 2003 16:23, Nicolas Cartron escribió:
On 22/08/03 at 00:40, Gaurav Kumar ([EMAIL PROTECTED]) wrote :
Hello friends!
I have found private ip address used by google servers. here are the
details.
[...]
This 10.7.0.73 is google private ip address.
has anyone know how this
On Thu, 21 Aug 2003 11:42:43 PDT, Drew Copley [EMAIL PROTECTED] said:
Or, do they believe they are superior to other countries, and they may
invade at will?
That's the US's job, isn't it? ;)
pgp0.pgp
Description: PGP signature
only problem is ...i dont know of anything service
wise that requires little to no modification on a
regular basis
Getting rid of the shell would break any call to system() in any
program.
___
Full-Disclosure - We believe in it.
Charter:
-Original Message-
From: Joshua Vince [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 21, 2003 3:49 PM
To: [EMAIL PROTECTED]
Subject: RE: [Full-Disclosure] Subject prefix changing! READ
THIS! SURVEY!!
#2 or #3. How are we supposed to filter emails in our inbox w/o it??
Have
Nick FitzGerald came to his senses and removed me from the pedestal he had
placed me on, and then launched into a well-written barrage of fact, beginning
thus:
I agree completely. The sobig spam is valuable -- it shows us who we
should not trust to operate a computer.
_If_ you know what to take
Nick FitzGerald came to his senses and removed me from the pedestal he had
placed me on, and then launched into a well-written barrage of fact, beginning
thus:
I agree completely. The sobig spam is valuable -- it shows us who we
should not trust to operate a computer.
_If_ you know what to take
Fellow Alaskan Arthur Corliss responded to:
From: Chris Cappuccio whom exclaimed:
The subject header is going to change.
This is a survey to see whether people want:
1. To have no subject prefix, that is, we remove [Full-Disclosure]
or
2. To shorten the subject prefix from
-Original Message-
From: martin f krafft [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 21, 2003 1:46 PM
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] Re: Thanks for the hoax info.
Why does noone release a virus that uses such a filename.
After all, everyone knows it'll
Popfile would do a fine job.
http://popfile.sourceforge.net
- Original Message -
From: Joshua Vince [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, August 21, 2003 1:49 PM
Subject: [fd] RE: [Full-Disclosure] Subject prefix changing! READ THIS!
SURVEY!!
#2 or #3. How are we
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 21 August 2003 22:49, Joshua Vince wrote:
#2 or #3. How are we supposed to filter emails in our inbox w/o it??
You can always use List-Id (in the e-mail headers).
- --
Yannick Van Osselaer
Public Key: wwwkeys.us.pgp.net
-BEGIN PGP
Well, if all shells are removed and roots and other users shell is changed
to /bin/false, you wont be able to install another shell. How would you
interface with the system? NO SHELL!
From: Schmehl, Paul L [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, August 21, 2003 5:35 PM
Subject:
funny things... SpamAssassin results
1. spoof
80.179.152.112.forward.012.net.il (80.179.152.112)
Whois:
80.179.152.0 - 80.179.171.255
Please Send Abuse/SPAM complaints
To [EMAIL PROTECTED]
DNS REG
25 Hsivim st. Petach-Tiikva, Israel
[EMAIL PROTECTED]
2. path reveal
The uncleanable file
Bernie wrote:
I believe that like the HIPAA Security rules, regulations
should be established to set Security standards which the
Power Utilities, as well as and Gas, Water should be held to
comply with.
They have been trying to come up with a plan. Unfortunately, it appears to lack any
On Thu, Aug 21, 2003 at 11:12:06AM -0700, D B wrote:
i have always had an idea but never any place to
try it
i would like people with experience to tell me what
they think of it
assuming a unix / linux operating system as a server
install the services get them configured
Title: Message
i kinda discoverd google's use as a proxy simply by
doing
http://translate.google.com/translate?u=http%3A%2F%2Fwhatismyip.com
and is essentally the basis of http://exploit.wox.org/tools/googleproxy.html
Donnie Werner
Chief Technical Officer
E2 Labs Information Security
My message was for Servicios de seguridad informatica :D
Regards ,
--
David F. Madrid ,
Madrid , Spain
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Jason Coombs [EMAIL PROTECTED] wrote:
Nick FitzGerald came to his senses and removed me from the pedestal he had
placed me on, and then launched into a well-written barrage of fact, beginning
thus:
Nice... 8-)
I agree completely. The sobig spam is valuable -- it shows us who we
should
Hello List.
I downloaded the patch via Windoze update for Exploder 6 this Morning. No
problems with that 2 Min max. Took the shut down option, system reboots all
OK. Point Browser @ my ISPs home page to check the config, the firewall
tells me modules have changed (as expected) and I release the
Hey people,
At around 3:30 today my campus lite up like a Christmas tree. I
have hundreds of computers pinging each other all over campus. Luckily
none of them are from the subnet that I administer. :) I did some
searchin but didn't read about any of the new worms using ICMP. Anyone
have
Drew Copley [EMAIL PROTECTED] writes:
I would think, I would know, there would be a moral obligation to tell
their users. Moral... A conscience obligation, an obligation of
conscience.
I usually interpret German privacy law much more liberally than ICPP
and was really surprised that they
eEye IE (EIIE:)) bug:
http://www.eeye.com/html/Research/Advisories/AD20030820.html
This here just making it easier to edit commands/play around
...nothing heavy...nothing new...
On 10.10.10.10's web server is test.html:
-
htmlh1
nice webpage/h1
object
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mandrake Linux Security Update Advisory
Package name: gdm
Advisory ID:
Definitely 2 here...
1. To have no subject prefix, that is, we remove [Full-Disclosure]
or
2. To shorten the subject prefix from [Full-Disclosure] to [FD]
or
3. Do nothing
___
Full-Disclosure - We believe in it.
Charter:
-Original Message-
From: Florian Weimer [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 21, 2003 12:23 PM
To: Drew Copley
Cc: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] JAP back doored
Drew Copley [EMAIL PROTECTED] writes:
Why is the state of Germany trojanizing
Joshua Vince [EMAIL PROTECTED] wrote:
#2 or #3. How are we supposed to filter emails in our inbox w/o it??
Well, all the following headers are likely to be as unique to F-D list
messages as any arbitrary Subject: line tag:
List-Unsubscribe: http://lists.netsys.com/mailman/listinfo/full-
Shorten it or don't change it just don't remove it altogether. I
am on several mailing lists and while I do filter things into different
folders, it has always been easier if the subject contains a constant
such as [Full-Disclosure]. I wouldn't say that it is strictly
necessary, but it
Hello,
On Fri, Aug 02, 2002 at 10:39:44AM +0200, [SEC-LABS TEAM]: wrote:
The Sec-Labs security research group found a bug in Win32 Device Drivers
Communication, the white-paper for this vulnerability can
be viewed at http://sec-labs.hack.pl , the exploit code for Symantec Norton
--On Thursday, August 21, 2003 19:33:06 -0400 Calvyn [EMAIL PROTECTED]
wrote:
Hey people,
At around 3:30 today my campus lite up like a Christmas tree. I
have hundreds of computers pinging each other all over campus. Luckily
none of them are from the subnet that I administer. :) I did
1 - 100 of 124 matches
Mail list logo