I suspect we are starting a game of telephone ...
It appears to me (and I'm going to be nice and *not* include the
entire thread in the message ;-) that this started out with the
citation of the CCIA paper regarding Dan Geer getting shown the door.
The response (which was posted by Jon on behalf
Bruce Ediger [EMAIL PROTECTED] wrote:
On Fri, 26 Sep 2003, Rick Kingslan wrote:
I'll not argue that the Windows operating systems are the target of the
majority of virus', but that's typically what happens when a system is
used
by a known large group of people that might not be qualified
On Fri September 26 2003 21:39, you wrote:
--On Friday, September 26, 2003 11:25 PM + Nate Hill
[EMAIL PROTECTED] wrote:
On Fri September 26 2003 20:57, David Hane wrote:
...
Also, am I the only one who is totally exhausted from trying to
keep up with the last couple of week's patch
-BEGIN PGP SIGNED MESSAGE-
Who is making a non-detectability claim, and in what context? I
have
no reason to claim that no one has, I just haven't seen it.
BB
Fair enough, but I sure haven't seen anyone doing much to point out
their
Pardon me if this is old news and well known, but we are finding a WMS.exe on Win2k
machines in both the WINNT and WINNT\system32 directories along with a
WINNT\system32\nt directory full of installation and launching scripts plus IRC
communication scripts.
Mcaffee and Norton have yet to
On Fri, Sep 26, 2003 at 11:59:04PM -0600, Bruce Ediger wrote:
On Fri, 26 Sep 2003, Rick Kingslan wrote:
Oh, wait. Apache has about 2 times the market share of IIS, and I'm
still getting Code Red and Nimda hits TWO YEARS after they were released.
By contrast, I only got about 2 days worth of
On Fri, 26 Sep 2003, Rick Kingslan wrote:
I'll not argue that the Windows operating systems are the target of the
majority of virus', but that's typically what happens when a system is used
by a known large group of people that might not be qualified to run a
computer, much less secure it.
On Fri, Sep 26, 2003 at 10:50:02PM -, Mandrake Linux Security Team wrote:
The problematic code first appeared in ProFTPD 1.2.7rc1, and
the provided packages are all patched by the ProFTPD team to protect
against this vulnerability.
Uh?
The bug can at least be triggered on version
On Fri, 2003-09-26 at 22:57, Paul Schmehl wrote:
We're working on a jail vlan concept now, where evil computers go.
They get access to email (so they can beg for forgiveness), a web page that
says, You naughty, naughty boy and access to one website - their vendor
of choice's patch site -
From: Karl DeBisschop [EMAIL PROTECTED]
On Fri, 2003-09-26 at 22:57, Paul Schmehl wrote:
We're working on a jail vlan concept now, where evil computers go.
They get access to email (so they can beg for forgiveness), a web page that
says, You naughty, naughty boy and access to one
On Sat, Sep 27, 2003 at 12:24:47PM +0159, Jedi/Sector One wrote:
The bug can at least be triggered on version 1.2.6
Forget the previous mail, I've messed up different versions.
1.2.6 is ok, sorry.
--
Let internet explore your host
Hi Stephen,
Thursday, September 25, 2003, 11:53:44 PM, you wrote:
SB Pardon me if this is old news and well known, but we are finding a WMS.exe on
Win2k machines in both the WINNT and
SB WINNT\system32 directories along with a WINNT\system32\nt directory full of
SB installation and launching
There has been a disturbing trend recently whereby authorities in the
United States of America have been filing lawsuits against peer to peer
(P2P) network users for alleged copyright infringement. The lawsuits
typically demand an outrageously large sum of money, such that the target
P2P user
--- JTBurn [EMAIL PROTECTED] wrote:
I think it's a typicall form of an XDCC-BoT.
that means: they hacked your pc and installed
a script from which the persons from the channel
can get warez or moviez and so one from your
pc.
--
cu,
JTBurn
Hello,
I think you are right. In the irc
Hi!
Destroying the monopoly also lets the World get rid of (Anti)Virus
companies, since they are protected by Microsoft Virus Support(TM).
The fact that writing virusses and worms is easier and more rewarding on
MS-Windows systems, that doesn't mean that they are impossible on free software
S G Masood wrote:
--- JTBurn [EMAIL PROTECTED] wrote:
I think it's a typicall form of an XDCC-BoT.
that means: they hacked your pc and installed
a script from which the persons from the channel
can get warez or moviez and so one from your
pc.
--
cu,
JTBurn
Hello,
I think you are right. In the
I think it might be more of a problem for Microsoft itself. How can you
fix
the problems and still try to sell new versions to the public?
Micro$oft's business model is not selling software that is (relatively)
bug-free. Rather, they like bringing products to market ASAP, regardless of
the
Gregory,
Given some hours to think about this topic, my post, and your thoughtful
reply - I concur that you nailed it on the head and I read way too much into
Fabio's post. And, because of the long-running thread, much of the initial
assertion and report (true - it IS good work) was lost in the
Wouldn't this have been better posted in alt.religious?
And, to wit - working in a completely homogenous environment with Microsoft
products, Red Hat, AIX, Tandem, much custom written apps, and the platform
chosen for the best APPLICATION fit (remember - it doesn't really matter if
you prefer
--On Saturday, September 27, 2003 7:30 AM -0400 Karl DeBisschop
[EMAIL PROTECTED] wrote:
I imagine mail out of that subnet passes through a proxy server with
spam and virus detection.
Yes. And they will get an entirely different DNS server (through DHCP)
that will only resolve the hosts that we
In deference to the experts, Joe and Nick, rather than argue about what
Swen does, I'll just post some headers and ask for a *brief* explanation of
them.
1st header is a bounce to my work account. Unfortunately the bouncing
party didn't bother to include the original message headers, but it's
Paul Marsh [EMAIL PROTECTED] wrote:
Everyone's talking about if Swen is traceable or not,if it is when would
[EMAIL PROTECTED] be the potential infected client?
snip
Return-Path: [EMAIL PROTECTED]
Yes...
...but note that the virus simply grabs a defined (but not hard-coded)
registry value
Die an Sie gerichtetete Mail vom Absender paul schmehl [EMAIL PROTECTED] mit dem
Betreff enthielt einen Virus: ( Exploit.IFrame.Gen)
Die Mail wurde auf dem Mail-Server gelöscht. Der Absender wurde mit einer
ähnlichlautenden Nachricht über diesen Vorgang informiert.
An e-mail from paul
I think we have lost the point of the thread CyberInsecurity: The Cost of
Monopoly which states your exact point that diversity is the most important
aspect of network protection. It clearly states, and I agree, that
Microsoft has been the biggest danger to that diversity by creating a
monolithic
He is probably useing NAT, ie. he has an internet IP address at the ISP,
192.xxx or similar. The ISP useually has less IPs available in their pool
than they have users, so they have a box that assigns users
the external IP, and routes their requested data to their internal IP.
Yours,
Poul Wann
Hmmm, I have thought about it.
Yes I take pride in my work.
Not an MC* anything. Don't believe I need a piece of paper to say I am
capable of anything. I either do it or I don't do it. It's up to me. In
general I feel that if your opinion of me if based on me holding a piece of
paper or not is
On Sat, 2003-09-27 at 12:40, Paul Schmehl wrote:
... the focus right now is completely on the
Microsoft clients. I recently suggested that we should switch all MS
clients to Mac OS X. :-) They actually didn't laugh this time.
We already are pretty diversified. Our backoffice stuff is
--On Saturday, September 27, 2003 2:53 PM -0400 Karl DeBisschop
[EMAIL PROTECTED] wrote:
As food for thought, what if you took an OS that gave you a little
lattitude - say Mandrake Linux, which is considered fairly user
friendly, and said If you install this, the default configuration will
Antigen get's my vote for the most braindead AV gateway software. There
were *no* attachments in my message, only headers that are used for
attachments. You'd think they could at least look for some base64 encoding
before barfing.
Sheesh!
Forwarded Message
Date:
Hmmm, I have thought about it.
Yes I take pride in my work.
Not an MC* anything. Don't believe I need a piece of paper to say I am
capable of anything. I either do it or I don't do it. It's up to me. In
general I feel that if your opinion of me if based on me holding a piece of
paper or not is
I couldn't help but interject my 2 cents. Visiting your website I see:
Main Entry: joeware
Pronunciation: 'jO-war
Function: noun
Date: 2000
: generally useful idea pulled out of the ether by joe: as a: script
and/or tool that makes the difficult easy; specifically: system
administration tools
Isn't this a great country? We defend to death the rights for anyone to
speak their opinion. Even if the opinion is uninformed, shortsighted, or
silly.
I can't recall ever speaking to someone who actually bought a new
application from a vendor simply because their old version of the
application
I couldn't help but interject my 2 cents. Visiting your website I see:
Main Entry: joeware
Pronunciation: 'jO-war
Function: noun
Date: 2000
: generally useful idea pulled out of the ether by joe: as a: script
and/or tool that makes the difficult easy; specifically: system
administration tools
You did a great job of assuming what was being said here. You have an
incredible career in assumption waiting for you.
I couldn't help but interject my 2 cents. Visiting your
website I see:
Cool thanks! I decided to add a link to the site just before I posted so it
would give the anti-MS
On Sat, 27 Sep 2003, Gregory A. Gilliss wrote:
...and other than the fact that you sent this from a hushmail account, this
has *what* to do with security, exploits, vulnerabilities, etc?
I suggest alt.legal.rants =;^)
G
It is square on topic.
oo--JS.
On or about 2003.09.27 04:07:29
I can't recall ever speaking to someone who actually bought a new
application from a vendor simply because their old version of the
application from the vendor was insecure or buggy. In fact, that
would tend to push them to look elsewhere.
Well Microsoft expects you to buy it for
I can't recall ever speaking to someone who actually bought a new
application from a vendor simply because their old version of the
application from the vendor was insecure or buggy. In fact, that would tend
to push them to look elsewhere.
Well Microsoft expects you to buy it for those
Geeklog Multiple Versions Vulnerabilities
--
PRODUCT: Geeklog
VENDOR: Geeklog
VULNERABLE VERSIONS:
- 2.x ( TESTED ) (T.I.N.P)
- 1.x ( TESTED ) (T.I.N.P)
- And older versions possible affected too.
NO VULNERABLE VERSIONS
- ?
-
N.TED = Not Tested in a
Cool thanks! I decided to add a link to the site just before I posted so it
would give the anti-MS folks something to attack. I am glad I could be of
assistance to you.
You're _assuming_ I am Anti-MS. I may be Anti-MS-Politics but am not
bent against the operating system. I certainly
Le sam 27/09/2003 à 22:49, Jonathan A. Zdziarski a écrit :
There were just s many features from 95 to 98 to ME.
None of these constituted a new product.
Nor any security enhancement, by the way...
--
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE FingerPrint:
At 11:40 AM -0500 9/27/03, Paul Schmehl wrote:
1st header is a bounce to my work account. Unfortunately the
bouncing party didn't bother to include the original message
headers, but it's evident that they *thought* that I sent them the
virus. Since the From address was Microsoft Security
/this is my temporary email add. as my old server is
getting a huze dDOS! hopefully, soon within few days
i'll be using my old email address./
alternate email: [EMAIL PROTECTED] [Bipin Gautam ]
--
WINDOWS
You're _assuming_ I am Anti-MS. I may be Anti-MS-Politics but am not
bent against the operating system. I
Note I said anti-MS, not anti-Windows. You are certainly anti-MS, your
anti-Windows or not is still a little shakey but I would say yes, you should
come out of the closet on it. It
43 matches
Mail list logo