> > Right. But we also need better methodologies for vendors to fix their
> > products. The emphasis here is on "the vendor fixing the broken
> > product". It should not be a burden on the consumer, but on the vendor.
> >
>
> Like I said, Do you REALLY want a vendor to install patches for you?
i
(fully off topic!)
> IOW, "Apache should be required to
> fix their own, broken products"..."RedHat Linux should be
> required".."Oracle should be
> required"."sendmail"."wuftpd"."php"..."mysql"...etc., etc.,
> etc., ad infinitum, ad nauseum.
>
> Be careful what you wish for.
> It's not difficult to figure out how things work on
> Windows systems. Once you find that out, it's pretty
> simple. I will defer to Marcus Ranum's title of
> "artificial ignorance" to describe how the Perl
> scripts work...by identifying those things that are
> known to be 'good' entries and f
>
>
> Paul,
>
> If I'm understanding you correctly you don't understand
> Linux/Redhat. Or your just being silly to make a point.
> sendmail, wftp , php, etc.. are not owned by Redhat. Each of
> these applications are owned buy someone else and Redhat is
> allowed to re-distribute them.
Ye
> You gotta be more specific than FW-1. FW-1 can run over a large number
> of OS. You can get FW-1 for WinNT, Solaris, Linux, BSD . Each has the
> strengths and weaknesses of the underlying OS. Also FW-1 can run on a
> large number of hardware platforms, PCI, Compact-PCI, Sparc, etc. Each
> has
On Wed, 2004-06-30 at 22:05, Denis Dimick wrote:
> They pretty much do. That is if the application is one that users have
> found worth supporting.
Exactly. The responsible parties are doing their job. Now contrast that
with commercial software.
> So can I assume that you would allow a vendor to
Paul,
If I'm understanding you correctly you don't understand Linux/Redhat. Or
your just being silly to make a point. sendmail, wftp , php, etc.. are not
owned by Redhat. Each of these applications are owned buy someone else and
Redhat is allowed to re-distribute them.
And using the number o
Please see below..
On Wed, 30 Jun 2004, Frank Knobbe wrote:
> On Wed, 2004-06-30 at 21:08, Paul Schmehl wrote:
> > I'm right there with you, Frank, on one condition. You hold *every*
> > software vendor to the same standard.
> > [...]
> > If we're going to require that software vendors produce
Frank,
I think your barking up the wrong tree here. Any admin worth his/her
salt
would at least keep up with security, and try to keep current on all the
required patches. There's very little reason to expect, let alone blame M$
for acting they way they have always acted.
As long as acting th
On Wed, 2004-06-30 at 21:08, Paul Schmehl wrote:
> I'm right there with you, Frank, on one condition. You hold *every*
> software vendor to the same standard.
> [...]
> If we're going to require that software vendors produce flawless products,
> we're not going to have many software products.
Hmmm ...
A lot discussions ... some flares .. some requests (off-list) ...
Re to GTi .. sorry buddy .. u were slow. Not my fault ;-) U must have
heard the words "Survival of the FITTEST". In this case .. the
"fastest" was the "fittest".
"mpostle" got it as he was FAST. May be GMAIL TEAM wants onl
--On Wednesday, June 30, 2004 6:27 PM -0500 Frank Knobbe <[EMAIL PROTECTED]>
wrote:
Instead of requiring the consumer to install patches, Microsoft should
be required to fix their own, broken products. That means that they
should send their army of engineers (a lot of which are now carrying the
CI
-aditya
> > Sure...Perl scripts. As a security admin in an
> FTE
> > position, I had scripts that checked all systems
> > within the domain for entries in the ubiquitous
> 'Run'
> > key, as well as for BHOs. Easy stuff, pretty
> trivial, actually.
>
> but then you would have to keep on updating
> Sandeep Sengupta has invited you to open a free Gmail
> account.
thanks sandeep, but guys did you know that www.rediffmail.com also offers you a 1gb
mail space - and anyone can signup.
be careful of the ads.
-aditya
ÿÿ
éb½êÞvë"axZÞx÷
> Sure...Perl scripts. As a security admin in an FTE
> position, I had scripts that checked all systems
> within the domain for entries in the ubiquitous 'Run'
> key, as well as for BHOs. Easy stuff, pretty trivial, actually.
but then you would have to keep on updating your bhos and other sigs,
> Thank you, thank you, thank you! It was very generous of you to think of
> us! Perhaps the list indeed needs a gmail account... although given the
> amount of drivel^H^H^H^Hdiscussion going on, we would probably easily
> fill up any amount of disk space, and the automatic indexing would also
> Sure...Perl scripts. As a security admin in an FTE
> position, I had scripts that checked all systems
> within the domain for entries in the ubiquitous 'Run'
> key, as well as for BHOs. Easy stuff, pretty trivial, actually.
but then you would have to keep on updating your bhos and other sigs,
> You gotta be more specific than FW-1. FW-1 can run over a large number
> of OS. You can get FW-1 for WinNT, Solaris, Linux, BSD . Each has the
> strengths and weaknesses of the underlying OS. Also FW-1 can run on a
> large number of hardware platforms, PCI, Compact-PCI, Sparc, etc. Each
> has
> Sure...Perl scripts. As a security admin in an FTE
> position, I had scripts that checked all systems
> within the domain for entries in the ubiquitous 'Run'
> key, as well as for BHOs. Easy stuff, pretty trivial, actually.
but then you would have to keep on updating your bhos and other sigs,
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
> Ron DuFresne
> Sent: Wednesday, June 30, 2004 3:14 PM
> To: Drew Copley
> Cc: [EMAIL PROTECTED];
> [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Re: [Full-Disclosure] (IE/SCOB) Switching Softwa
On Wed, 2004-06-30 at 15:58, TIERNAN RAY, BLOOMBERG/ NEWSROOM: wrote:
> [...] Sites running Microsoft server software, such as the
> Kelley Blue Book, were infected with malicious code.
> [...]
> ``Our site was infected,'' said Robyn Eckard, a spokeswoman
> for Kelley Blue Book, an automotive
> PIXes arn't really routers either, like many firewalls. This
> is evident
> by the fact that PIXes can't route traffic back out the same
> interface
> it received the traffic on. You have to be concious about these
> limitations when doing network design in the presence of PIXes.
>
Whe
Summary:
Microsoft is very wrong when presenting information
about Download.Ject [also known as: JS.Scob.Trojan,
Scob, and JS.Toofeer.]
Many media sources have also been presenting infactual
information on these virii.
What Is Happening:
CERT advises people not to use Internet Explorer.
http
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
> Barry Fitzgerald
> Sent: Wednesday, June 30, 2004 3:07 PM
> To: Drew Copley
> Cc: [EMAIL PROTECTED]
> Subject: Re: [Full-Disclosure] (IE/SCOB) Switching Software
> Because of Bugs: Some Facts Abo
Whoops, correction:
I was wrong.
Their "unknown vulnerability" probably is the 180solutions
issue, not the adodb issue, which they do not even discuss
at all, though Symantec notes it.
That's what I get for quitting caffiene and nicotine at
the same time...
> -Original Message-
> From:
Sounds like your expert came up with a pet solution first, then made up the
requirements to fit. Even then, TLS Telnet does not fit. I can't find an
IETF STD for it.
Is tunnelling other protocols is an issue, is HTTP also not allowed?
GNU httptunnel tunnels other protocols including SSH through
> -Original Message-
> From: Barry Fitzgerald [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, June 30, 2004 3:07 PM
> To: Drew Copley
> Cc: [EMAIL PROTECTED]
> Subject: Re: [Full-Disclosure] (IE/SCOB) Switching Software
> Because of Bugs: Some Facts About Software and Security bugs
>
> D
Look, it was a long paper, and some people may get the
wrong idea about what I am saying, so let me briefly note:
-> You probably should change browsers because of the way
Microsoft is fixing their bugs right now
-> All applications have bugs, yes, Internet Explorer has
a huge "landscape", but so
The mere fact that mozilla or firefox or netscape are not core components
of the windows OS is actuallky reason enough to choose to change
browsers, despite the bad hype and bug researchers with a thing against m$
and all the rest of the gunk.
Thanks,
Ron DuFresne
~
Drew Copley wrote:
Conclusion: Mozilla may be better. I think there is some strong
chance of that. But only marginally. It has had bugs. It has a lot
of features, which means a lot of potential for security issues. They
have kept their browser more conservative then Microsoft has kept
Internet Expl
Microsoft Says Hackers Exploit Server, Browser Flaws (Update2)
(Adds comments from Network Associates, Symantec in eighth,
12th paragraphs.)
By Tiernan Ray and Vivek Shankar
June 25 (Bloomberg) -- Microsoft Corp., the world's largest
software maker, said the combination of a newly fou
There has been a great deal of talk about people
switching to Mozilla because of this recent Internet
Explorer issue.
This is a serious misunderstanding about security
that comes about because of people's ignorance and
because they "believe the hype" but do not look at
the details.
An example:
h
On Wed, 30 Jun 2004 10:56:28 PDT, Morning Wood <[EMAIL PROTECTED]> said:
> As a side note, I would like to know if using a exploit on a non passworded
> site ( access restriction )
> to obtain / change data is in fact illegal ( in the USA ) , as I recall it
> is a violation to bypass
> an ACCES
Hi List
Does anybody know about a method and/or tools to copy printing jobs from a
networked printer? I know about the hijetter from phenoelit (funny ;-), but
not about to copy running jobs from the printer memory...
Would be nice, thanx in advance.
GreetZ from IndianZ
mailto:[EMAIL PROTECTED
I use both PIX and Checkpoint, and have used Checkpoint since 3.0b.
IMHO, Checkpoint is far more intuitive and easy to use. Adding host and
network objects, placing them into groups, and employing them in rules
is straight forward. PIX also has this feature (object groups), but
it's not as q
That is odd. You *must have some translations in place. Because you *must
have (2) different subnets. ( One outside and another on the inside ) So
when a packets transverses the pix and is sent outbound it must be
translated - Nat inside / Outside
or Nat 0 when using VPNs.
JP
-Original Messag
Heh. That also suprised me when I started working w/ PIX. The fact you
needed some sort of NAT statement to pass traffic regardless whether you
were NATing had me shaking my head. Not too suprising I guess, since if
I recall, PIXes came from the Cisco aquisition of a company called
Network T
>-Original Message-
>From: Morning Wood [mailto:[EMAIL PROTECTED]
>Sent: Wednesday, June 30, 2004 12:56 PM
>To: Edge, Ronald D; [EMAIL PROTECTED]
>Subject: Re: [Full-Disclosure] Name One Web Site Compromised
>by Download.Ject?
>
>> Legal liability question: Has anyone contacted an attorn
--On Wednesday, June 30, 2004 02:49:07 PM -0500 "Edge, Ronald D"
<[EMAIL PROTECTED]> wrote:
Back to the point: full-exposure just happens to be the name of
this list. My point had little to do with the specific exploits,
and everything to do with legal and social context of the what I
see as a pat
Then you would have some static statement which covers the network in questions. PIX
need some sort of translation for its ASA (Adaptive Security Algorithm) to work, so a
"static" covers the network range would do...
-Antony
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PRO
That is odd. When dealing with a Pix firewall, no traffic can go out an interface
without some sort of translation statement.
Even the default configuration has this:
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
There must be either a static or dynamic translation statement in your configuration.
I found WebRoot Spysweeper to be the most effective in catching spyware /
Adware.
It found a lot of stuff Adaware and pestpatrol couldn't find.
JP
-Original Message-
From: Seamus Hartmann [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 30, 2004 8:20 AM
To: Harlan Carvey; [EMAIL PROTECTED
SecurityLab report: The Top 10 Most Critical Vulnerabilities in June 2004
. Firebird Remote Pre-Authentication Database Name Buffer Overrun
Vulnerability, http://www.securitylab.ru/45626.html , Bugtraq ID 10446
. Squid Proxy NTLM Authentication Buffer Overflow Vulnerability,
http://www
Oh the naivete ...
Regardless of the fact that this is full disclosure, does anyone really
think that any medium to large business concern wants to make public the
fact that their IT infrastructure is vulnerable? Especially in the Fascist
Utopia that we call America? Pu-LEEZ!
The reason that you
Ben Nelson <[EMAIL PROTECTED]> writes:
> You must have some static's in place then, which is a static 'NAT'
> translation.
ok
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
At 10:29 30/06/2004, Cyril Guibourg wrote:
AFAIK, a PIX can operate without NAT. Did I miss something ?
Yes, NAT can be disabled on Pix.
See the 'nat' command.
Simply put the appropriate line syntax and it will behaves as a normal
Firewall.
But only behaves because no routing daemon, and Pix keeps
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You must have some static's in place then, which is a static 'NAT'
translation.
Cyril Guibourg wrote:
| "Otero, Hernan (EDS)" <[EMAIL PROTECTED]> writes:
|
|
|>I think you do, because at least a nat 0 it´s needed to get traffic
passing
|>through
"Otero, Hernan (EDS)" <[EMAIL PROTECTED]> writes:
> I think you do, because at least a nat 0 it´s needed to get traffic passing
> through the pix.
This is odd, I do have a running config under 6.2 without any nat statement.
___
Full-Disclosure
With each email you somehow manage to sink even deeper into complete uselessness. Oh
and btw, try using F7 before you click 'send'.
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Legal liability question: Has anyone contacted an attorney yet about
damage done by either of these two possibly negligent actions
are you serious? this "hunt" is laughable. Why is this any different than
anything else?
This is not the first time sites have been hacked to include exploits on the
At 10:29 30/06/2004, Cyril Guibourg wrote:
AFAIK, a PIX can operate without NAT. Did I miss something ?
Yes, NAT can be disabled on Pix.
See the 'nat' command.
Simply put the appropriate line syntax and it will behaves as a normal
Firewall.
But only behaves because no routing daemon, and Pix keeps
On Wed, 30 Jun 2004 15:33:23 +0200, Szilveszter Adam <[EMAIL PROTECTED]> wrote:
[...]
> be a fairly dull task... wondering what AdWords(TM) would be triggered
> by the following, fairly typical occurences in the index: "MS-bashing",
> "STFU", "0wned" or even (horror) "overflow" :-)
Just because yo
remove this vulnerability from the CCS
4.x versions
This advisory is posted on Cisco's worldwide website at
http://www.cisco.com/warp/public/707/cisco-sa-20040630-CCS.shtml
Affected Products
=
Vulnerable Products
- -
CCS using an unpatched ServletExec version ea
since CERT are "federally funded" does their advise mean it is "un-American"
to use internet explorer?
georgi
On Tue, Jun 29, 2004 at 09:25:32AM -0500, Edge, Ronald D wrote:
> Even CERT has issued an advisory that is really quite amazing in its
> bluntness:
> http://www.kb.cert.org/vuls/id/
Like a few other comments already, I would also recommend using iptables --
it's a stateful inspection firewall that's included with every Linux
distribution I've come across, and also crops up in many/all? Linux
appliance firewalls. "iptables -L" will print the firewall rules to the
screen if ipta
If you use google/altavista et al to search for some of the more obvious
parts of the javascript a few come up, for example "function gc099":-
www.bifconference.com/bif2002/newsroom/Dunn_synop.rtf
www.biketas.org.au/BikeTas/ meetings/2001-10-02-minutes.txt
www.planetkc.com/sloth/sci/blklst.txt
engl
On Wed, 30 Jun 2004, Harlan Carvey wrote:
>
> > Does anyone out there know of any tools available to
> > probe network workstations for the presence of
> > adware/spyware?
>
> Sure...Perl scripts. As a security admin in an FTE
> position, I had scripts that checked all systems
> within the doma
Heh...
Love perl, myself, and command line login scripts as well...
But for those of us who have an all windows user network, with all windows
admins... The command line is SCARY!
Try this product. It just came out in version 5, and the windows guys seem
pretty happy. You want the corporate edit
I love the way that Google tells you who bagged that invite...
And I love the way that the web archives of Full Disclosure, some of which convert
http:// urls into will link to the same page.
But I find it slightly funny the way that spammers will pick up that email address.
Hope Google's spam
Sandeep Sengupta wrote:
Sandeep Sengupta has invited you to open a free Gmail
account.
Thank you, thank you, thank you! It was very generous of you to think of
us! Perhaps the list indeed needs a gmail account... although given the
amount of drivel^H^H^H^Hdiscussion going on, we would probably
Sandeep Sengupta wrote:
Sandeep Sengupta has invited you to open a free Gmail
account.
http://gmail.google.com/gmail/a-970ef743f-bb7a5a0af4
nice try, but:
The link you followed to create a Gmail account has already been used to
create an account for [EMAIL PROTECTED] Now, its account creating
p
>From the latest issue of:
*
SANS NewsBitesJune 30, 2004 Vol. 6, Num.
26
*
Legal liability question: Has anyone contacted
Sandeep Sengupta has invited you to open a free Gmail
account.
http://gmail.google.com/gmail/a-970ef743f-bb7a5a0af4
Enjoy !!!
Warm regards,
Sandeep.
Cologic Security ltd
www.e-secure-it.us
www.e-secure-it.info
__
Do you Yahoo!?
New and Improve
I think you do, because at least a nat 0 it´s needed to get traffic passing
through the pix.
-H
-Original Message-
From: Cyril Guibourg [mailto:[EMAIL PROTECTED]
Sent: Miércoles, 30 de Junio de 2004 4:30
To: Laurent LEVIER
Cc: Darkslaker; [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure]
Hi,
I think there is one more thing when we're talking about Checkpoint and
PIX. If you have Checkpoint you can download Checkpoint SDK from vendor
site and write your own plug-in to the FW-1 software (i.e. for logging
purposes or intrusion detection). With PIX Firewall software such thing is
imp
> Does anyone out there know of any tools available to
> probe network workstations for the presence of
> adware/spyware?
Sure...Perl scripts. As a security admin in an FTE
position, I had scripts that checked all systems
within the domain for entries in the ubiquitous 'Run'
key, as well as for
Hi, have not much time so here is the thing... There's a bug in the DSL
router Prestige 650HW-31, you just post a long string as password and the
router resets it self so is very easy to make a DNS to this router if people
doesnt have the aproppiate filters on port 80 (I didnt tried on Telnet).
Thi
Laurent LEVIER <[EMAIL PROTECTED]> writes:
Hi L2,
> At the NAT level, you have to know Pix is a NATing box and everything
> it does is based on NAT.
AFAIK, a PIX can operate without NAT. Did I miss something ?
___
Full-Disclosure - We believe in it.
C
68 matches
Mail list logo