Been getting a few mails with the subject New Picture Here... and pointing
to a Geocities site. Anyone know anything about this?
Anthony
Need help with a computer problem?
Phone/Fax: 206-338-5893
24 hr Pager: 918-220-2929
___
Full-Disclosure - We
Anyone seeing this?
-y4k
=
- y4k4t4k
__
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com
___
Full-Disclosure - We believe in it.
Charter:
[EMAIL PROTECTED] said...
Thought about that, but doesn't quite work. The headers only say
multipart/mime. The .pif part comes later in the attachment.
You want mime_header_checks, eg.
# postconf mime_header_checks
mime_header_checks = pcre:/etc/postfix/mime_header
# cat
On Sat, 23 Aug 2003 18:53:13 -0500, Jerry Heidtke wrote:
I've been unable to find, anywhere, the list of servers that Sobig.e
tries to contact.
Here is the list of master servers from Sobig.e:
129.244.36.194
203.252.75.45
209.34.8.147
217.228.235.145
217.230.224.66
218.146.139.246
I've been unable to find, anywhere, the list of servers that Sobig.e tries to contact.
I did find one reference that stated Sobig.e had a list of 22 servers that it tried to
contact, not five.
I was able to confirm from several AV sites that while Sobig.e stopped trying to
spread several
someone personally believed that this was valuable and now because you
obviously take yourself to be a judge of valuable information why not
enlighten us on something worthwhile.
/m
len rose is a muppet.
- Original Message -
From: edp [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent:
preferences ( no particular order )
#1 [Full-Disclosure]
#2 NO CHANGE
#3 keep it the same
morning_wood
http://e2-labs.com
http://exploitlabs.com
http://nothackers.org/about.php
___
Full-Disclosure - We believe in it.
Charter:
interesting items here not mentioned elsewhere at
http://www.fedcirc.gov/incidentPrevention/infoNotices/infoNotice20030801.ht
ml
in particular... port 111 / 707
DHS/FedCIRC Informational Notice 2003-08-01
Monitor your network for unusual levels of ICMP traffic,
and traffic for port 707 also
Title: Message
i kinda discoverd google's use as a proxy simply by
doing
http://translate.google.com/translate?u=http%3A%2F%2Fwhatismyip.com
and is essentally the basis of http://exploit.wox.org/tools/googleproxy.html
Donnie Werner
Chief Technical Officer
E2 Labs Information Security
funny things... SpamAssassin results
1. spoof
80.179.152.112.forward.012.net.il (80.179.152.112)
Whois:
80.179.152.0 - 80.179.171.255
Please Send Abuse/SPAM complaints
To [EMAIL PROTECTED]
DNS REG
25 Hsivim st. Petach-Tiikva, Israel
[EMAIL PROTECTED]
2. path reveal
The uncleanable file
I've just visited http://windowsupdate.microsoft.com to update my
Windows 2000 Server and Advanced Server, and I got this everytime I went
there (with latest IE 6.0, etc. I just want to get the last IE and MDAC
updates):
morning_wood said:
funny things... SpamAssassin results
2. path reveal
-- Virus Warning Message (on the network)
Found virus WORM_SOBIG.F in file details.pif
The uncleanable file details.pif is moved to /etc/iscan/virus/virZNvE0n
SpamAssassin does no virus scanning at all.
Come back later, this happens randomly on all my systems ranging from 95 to
2003.
Temporary glitch or a single misconfigured server in a cluster - who knows, who
cares *shrug*
Thor
- Original Message -
From: Irwan Hadi [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, August 24,
On Sun, Aug 24, 2003 at 02:59:51AM -0600, Irwan Hadi wrote:
I've just visited http://windowsupdate.microsoft.com to update my
Windows 2000 Server and Advanced Server, and I got this everytime I went
there (with latest IE 6.0, etc. I just want to get the last IE and MDAC
updates):
Hello All,
For the past few days, a few packet of protocol number 99 has captured in our network.
Do someone know the meaning of this packet?
Henna
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
i'd like some, any unique prefix, i often accumulate stacks of email and sort by
subject for faster deleting and so i can read messages in the same thread
consecutively. FD would be fine, or FM for that matter...
--
Philip Stortz--Only love can kill the Demon, from Natural Born Killers, the
Hi Henna,
you wrote:
For the past few days, a few packet of protocol number 99 has captured in our
network.
Do someone know the meaning of this packet?
From http://www.iana.org/assignments/protocol-numbers :
99 any private encryption scheme[IANA]
Michael
--
--On Sunday, August 24, 2003 2:59 AM -0600 Irwan Hadi [EMAIL PROTECTED]
wrote:
I've just visited http://windowsupdate.microsoft.com to update my
Windows 2000 Server and Advanced Server, and I got this everytime I went
there (with latest IE 6.0, etc. I just want to get the last IE and MDAC
Title: RE: [Full-Disclosure] SpamAssasin - path disclosure
As previously explained this is not spam assassin this is Trend Micro Interscan VirusWall
http://www.trendmicro.com/en/products/gateway/isvw/evaluate/overview.htm
Regards,
Kane Lightowler
-Original Message-
From:
Please learn to use google or grep and stop posting this junk here. Also
please read the list charter at:
http://lists.netsys.com/full-disclosure-charter.html
# 99 # any private encryption scheme
Kurt
- Original Message -
From:
fyi, the googleproxy will only proxy html, not images or other files. So
for example, checking my logs after testing the proxy produces:
216.239.39.5 - - [24/Aug/2003:17:40:50 -0400] GET / HTTP/1.0 200 1556 -
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4a) Gecko/20030401,gzip(gfe)
Title: RE: [Full-Disclosure] SpamAssasin - path disclosure
odd that it says "X-Spam-Checker-Version: SpamAssassin 2.53
(1.174.2.15-2003-03-30-exp) "
excuse my fauxpa, but when the line says
"SpamAssasin" i assume it is SpamAssasin
unless of course another product is also
SpamAssasin. I use
--
- EXPL-A-2003-021 exploitlabs.com Advisory 021
--
-= Miatrade Guestbook =-
Aug 20, 2003
Donnie Werner
[EMAIL PROTECTED]
23 matches
Mail list logo