Goencz, Otto wrote:
[restructured to cure top-postingitis]
> >>I installed XP service pack 2, sure the firewall was there did it bitch sure
> it did but I left it up. Told it to allow the applications that use the net
> to work.<<
>
> > Does the XP firewall do application level outbound blocki
Keifer, Trey wrote:
Los Alamos uses Tipping Point with apparently great results. They just
did a webinar with SANS over it last month. You can go to the archives
on SANS site and listen…
Only when they can find the disks to their computers.
Goetz
___
Do you buy devices ( car or dish washer ) that takes only one kind of
petrol or one kind of washing powder ? No ? Cause that was the point made.
And btw, nice signature Joshua, but i bet you get that all the time.
lmao.
"- Oh i see, o
if [ -e $PROFIT] in $FUD ; do sleep 29160 ; make release $ServicePack %d
Damn, M$ source code leaked once again.
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
On Fri, 13 Aug 2004 21:16:57 EDT, Justin Myatt said:
> I am away on holiday where email and phones are not readily available.
>
> Please contact Rick Gunderson [EMAIL PROTECTED] / +1 403 539 3726 if
> you have any questions.
Question 1:
How many subscribers does full-disclosure have, and what
If it is of interest, GFI (www.gfi.com) mail & download security packages offer
multiple virus engine scanning (NAI, kaspersky, bitdefender and something else),
within one product. Not really that expensive, and seems to work well enough.
Regards
Richard
-Original Message
On Saturday 14 August 2004 02:52, [EMAIL PROTECTED] wrote:
> On Fri, 13 Aug 2004 21:17:44 +0200, Maarten said:
> > The only thing Todd (and I) are trying to say is that it is possible to
> > rename after the fact. I don't #!%$&* care how many old Cobol programs
> > need adapting for that to "get"
On Fri, 13 Aug 2004 20:50:10 +0200, devis said:
> Does the interface of OpenOffice and MS Office look THAT different to you
To a programmer who's abstracted stuff to fairly high levels, they look pretty
much the same. However...
> ? Hell no. These secretaries are formed to work on an interface, a
Has everyone seen the immunitysec.org report yet?
http://www.immunitysec.com/downloads/tc0.pdf
"...Immunity's findings clearly show that the best platform for your
targets to be running is Microsoft Windows, allowing you unparalleled
value for their dollar. This result reinforces the fact that it
I will be out of the office starting 13/08/2004 and will not return until
23/08/2004.
Hi,
I am away on holiday where email and phones are not readily available.
Please contact Rick Gunderson [EMAIL PROTECTED] / +1 403 539 3726 if
you have any questions.
My apologies for any problems that
-BEGIN PGP SIGNED MESSAGE-
__
SGI Security Advisory
Title : SGI Advanced Linux Environment 2.4 security update #24
Number: 20040803-01-U
Date : August 13, 2004
Fixed
On Fri, 13 Aug 2004 21:17:44 +0200, Maarten said:
> The only thing Todd (and I) are trying to say is that it is possible to rename
> after the fact. I don't #!%$&* care how many old Cobol programs need
> adapting for that to "get" possible, but the fact remains that it IS.
The question is *in
I'm interested about this comment of yours (which I see repeated in a lot of
places):
"...They need to forget DOS (which they can't)..."
What do you mean by DOS?
Are you talking about "cmd.exe" or are you talking about the current:
- design of the windows Kernel?
- way the user-
On Thu, 12 Aug 2004 03:33:18 PDT, Harlan Carvey said:
> Wow! MS goes about doing what the security folks have
> been harping on for years...providing a modicum of
> security in their operating system...and now it's a
> "crap update"? Protection against buffer overflows,
> the firewall on by defa
Todd Towles wrote:
As my original post started, I wouldn't let it up to the AV companies at
all. Have a separate entity (group of people like us), gain the backing
of big companies and other entities and come up with some standards.
You don't even need big companies to approve or back you -- y
So should we propose an amendment to the US amendment? Maybe something
like
"Freedom of speech. As long you say what we want hear."
I only gave examples in reference to a much bigger picture, and you
only replied to those specifics. In response to your bloviations
though, what if I didn't have ICF enabled because I like using
ZoneAlarm? I think I should have the option of M$ NOT enabling ICF and
NOT breaking ZA. And I may k
- Original Message -
From: "James Patterson Wicks" <[EMAIL PROTECTED]>
Sent: Friday, August 13, 2004 5:22 PM
All references to command-line were in direct reference to
Devis' comment " . . nothing more and shows how the typical M$ user is
scared as hell of having ever one day to learn Un
Oh give me a break. You honestly think M$ is turning cheek and genuinely
attempting to change?. I think not!
The only reason they do anything is if it's financially viable for their
shareholders and annual forecast outcome. It's simple addition that the
battering they have taken over the last twe
Todd Towles wrote:
How is naming a virus with @mm or a W32 in the front slow the process
down? Naming has nothing to do with AV venders making money IMO. If it
does, McAfee should change its name to Norton before tries to buy it
out. =)
It doesn't have a direct impact -- however, you're not go
-BEGIN PGP SIGNED MESSAGE-
__
SGI Security Advisory
Title : SGI Advanced Linux Environment 3 Security Update #9
Number: 20040802-01-U
Date : August 13, 2004
Fixed in
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Mike Nice
> Sent: Friday, August 13, 2004 10:17 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [Full-Disclosure] SP2 and NMAP
>
>
> > If you read the above Microsoft doc you will see that they have not
>
James Patterson Wicks wrote:
James,
Don't take this the wrong way, you've got a point in your e-mail
here, but I'm going to call you on some FUD in your message.
The business world cannot afford to "start from zero" and retrain tens
of millions of workers who use Windows desktops every day.
Barry,
All references to command-line were in direct reference to
Devis' comment " . . nothing more and shows how the typical M$ user is
scared as hell of having ever one day to learn Unix, go through RFCs (
what for ? M$ don't even read em themselves ), and use the command
line."
I was
Todd Towles wrote:
>
> How is naming a virus with @mm or a W32 in the front slow the process
> down? Naming has nothing to do with AV venders making money IMO. If it
> does, McAfee should change its name to Norton before tries to buy it
> out. =)
Smiley aside, I think that you are being disingene
First off: Nick, please lose that damn attitude of yours !
Further, by hammering on the endless we-have-done-it-for-many-years-so-who
are-you-to-tell-us-differently part you're actually making yourself part of
the problem, not part of the solution.
You're saying that internal procedures make
It's obvious that you do not have a secretary or an assistant.
Implementing change into a business environment is more painful than
pulling teeth. And then you have unions (NYC) that DEMAND training for
their members. The insanity never ends.
That being said, yes it is less expensive to run open
Insert subject here ^
-KF
That is the question we need to find out. But only by starting it will
we ever know. Agreed?
-Original Message-
From: Barry Fitzgerald [mailto:[EMAIL PROTECTED]
Sent: Friday, August 13, 2004 12:11 PM
To: Todd Towles
Cc: Mailing List - Full-Disclosure
Subject: Re: [Full-Disclosure] (no su
You are only getting nimda probes because the general public is stupid
as a whole and doesn't know anything about security. Most people that
have spyware installed on their computer don't even know it is there
or what it is..or how to replace it.
Is linux more suited for network security profes
I agree that Windows would improve from a core OS rewrite. They need to
forget DOS (which they can't) and get really permission security. I
agree. But to blame MS for the current lot of malware still on the
internet isn't fair. I run Windows XP (along with Linux boxes) at the
house and I don't pollu
On Fri, 2004-08-13 at 11:21, Castigliola, Angelo wrote:
> Microsoft told Fyodor the reason they disabled raw sockets in SP2 was:
>
> "We have removed support for TCP sends over RAW sockets in SP2. We
> surveyed applications and found the only apps using this on XP were
> people writing attack tool
-- Corsaire Security Advisory --
Title: Clearswift MAILsweeper multiple encoding/compression issues
Date: 07.08.03
Application: Clearswift MAILsweeper prior to 4.3.15
Environment: Windows 2000
Author: Martin O'Neal [EMAIL PROTECTED]
Audience: General distribution
Reference: c030807-001
-- Sco
> The problem with M$'s patches/updates/fixes/sp's is that they assume
> they know better than you what the settings should be, and without asking
> they override any current settings.
No it doesn't. It mirrored the ICF firewall settings I already had in place
on every machine I put it on
Did I say that business world should return to command line ? I wasn't
under that impression.
Does the interface of OpenOffice and MS Office look THAT different to you
? Hell no. These secretaries are formed to work on an interface, and
changing a few things in that same interface will not as y
Harlan Carvey wrote:
Barry,
One other thing I'd like to throw into the mix. This
whole discussion is being viewed, it seems to me from
the wrong perspective. The attitude that the entire
A/V industry should have a common naming convention
seems to be coming from the open source camp...while
A/
Hi Allan,
This "weirdest thing" is just a "X-message-flag: Your-Error-MSG-here" in the
mail's header. Especially here on FD you see messages like "Warning! You're
still using Outlook!" or stuff like that...
Regards,
Pera
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
On Fri, 13 Aug 2004 18:06:06 +0200, Maarten <[EMAIL PROTECTED]> wrote:
> On Friday 13 August 2004 05:00, Brad Griffin wrote:
> > *virii*
> > g
>
> What ? You prefer viruses ? virusses ? Viri ? Virea ? Virux ? ;-)
This might be getting a touch off-topic (or at least definitely a
tangent), bu
I am getting nimda probes because nimda from a start was made possible
by MS designing a web server full of damn holes ( read not tested,
deadlines, time is money ). Do not blame the people not patching their
boxes, as it is the problem today, but not the problem that caused it.
That is what i
I am surprised this hasn't engendered a lively
discussion, everything else seems to.
In neL's book, this paper ranks as one of the best.
This isn't me. I don't exist.
neL
Howdy Harlan,
On Fri, 2004-08-13 at 09:40, Harlan Carvey wrote:
> The attitude that the entire
> A/V industry should have a common naming convention
> seems to be coming from the open source camp...while
> A/V companies aren't necessarily open source.
> Companies in general are about making money
How is naming a virus with @mm or a W32 in the front slow the process
down? Naming has nothing to do with AV venders making money IMO. If it
does, McAfee should change its name to Norton before tries to buy it
out. =)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
It is a very complex issue...but a simple agreement on standard
post/pre-fixes would be a start.
As my original post started, I wouldn't let it up to the AV companies at
all. Have a separate entity (group of people like us), gain the backing
of big companies and other entities and come up with som
Immunity is proud to present for public release our newest research
paper: Microsoft Windows, a lower Total Cost of Ownership.
This can be found at http://www.immunitysec.com/resources-papers.shtml .
Thanks,
Dave Aitel
Immunity, Inc.
On Friday 13 August 2004 05:00, Brad Griffin wrote:
> > network but located inside the "dirty" lab, say) they often do not
> > _want_ to break their own concentration.
> >
> >I'd suggest they're not so isolated as you claim. For one thing, how
> do you suppose they get to hear new strains are fou
Microsoft told Fyodor the reason they disabled raw sockets in SP2 was:
"We have removed support for TCP sends over RAW sockets in SP2. We
surveyed applications and found the only apps using this on XP were
people writing attack tools."
Thor:
"Fyodor also said to try the --win_norawsock option wo
>>
you should at least look at some of the documents surrounding the
reasons for doing it, and then be accurate:
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx#XSLTsection127121120120
and a documented attack which utilised the windows raw socket functionality:
http://
Hi Allan,
"X-Message: This could be an Outlook virus! Are you sure you want to
continue using Outlook?"
It was this header in the message that caused it, Outlook will display
these messages for you quite helpfully, it is used to show you just how
intrusive the program can be, looks like it worke
-- "In all fairness, "I am good with windows" means "I know where to
-- click", nothing more and shows how the typical M$ user is scared as hell
-- of having ever one day to learn Unix, go through RFCs ( what for ? M$
-- don't even read em themselves ), and use the command line. ( Not DOS, a
-
I have noticed in the past couple of weeks that my XP Professional system
and many friends XP Pro systems are hanging on startup. I have tried
safemode and each system hangs on a different driver. For example one system
hung on \Windows\AppPatch\drvmain.sdb and another hung on
\Windows\system3
Hello,
>Yet Another Paypal Scam:
>patrolsafe.co.uk/cgi-bin/login.html
Not just scam, but malware as well!
This file contains "Trojan.Win32.BKClient" (AVP):
http://patrolsafe.co.uk/files/Wpshare.exe
The patrolsafe site should be CERTed down!
Sincerely: Tamas Feher, Hungary.
__
Barry,
> I think the whole AV naming issue is, though
> problematic, the least of
> our problems. I think you hit the nail on the head
> here, Harlan.
One other thing I'd like to throw into the mix. This
whole discussion is being viewed, it seems to me from
the wrong perspective. The attitude
It seems hard to believe how people are tolerant and easy to forgive M$
for doing such mistake along their product release. How do you tag a
product 'professional' when it gets owned by 41 kb of malware code ?
Not throwing the stone, but M$ has never been careful about security,
and often be
Harlan Carvey wrote:
Forget the whole naming thing...it's been bandied
about before, ad nauseum, and things haven't changed.
What *I* would like to see is some real analysis of
what they find. Too many times, weeks after
something's come out, some A/V company still has
"modifies/updates some Regi
> If you read the above Microsoft doc you will see that they have not
> "disabled raw packets" but disabled commonly abused types of raw
> packet.
While most of XP SP2 properly addresses the real issues - how to keep the
bad guys out, part of SP2 is a feeble attempt to mitigate the effects of
m
Hi,
* Sergey Lystsev wrote on Fri, 13 Aug 2004 at 17:47 +0700:
> You did not mention in which Confixx version you have found these errors.
Confixx 2.0.*
Confixx 3.0.2
> Confixx development team can say, that all 3 mentioned issues:
> are fixed now (since 19 July 2004).
> The properly updated sy
reading the release notes is a good idea.
whoever said about the bait, you're right
and i got a lot of fish!
you lamers who can't get sp2 working well don't bother using it
it's not m$ problem that you're dumb!
it's amazing how ppl bag m$ when they have a 90 percent market share
so you have to live with it
Todd Burroughs wrote:
Before trying to explain a few items to Todd, it is clear that he is
either smoking something very bad or he jumped into the middle of
thread on a topic he knows nothing about and decided the rest of the
world wanted his ignorant, pea-brained opinions anyway. If Todd read
You did not mention in which Confixx version you have found these errors.
Confixx development team can say, that all 3 mentioned issues:
* http://lists.netsys.com/pipermail/full-disclosure/2004-July/024388.html
* http://lists.netsys.com/pipermail/full-disclosure/2004-August/024647.html
* http://li
The Pentagon uses a solution that scans everything with multi-engines. We
looked into getting it, but it is pretty costly.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Random
Letters
Sent: Friday, August 13, 2004 3:56 AM
To: [EMAIL PROTECTED]
Subject: [F
Release Date:
August 11, 2004
Severity:
Medium
Vendor:
Internet Security Systems
Software:
BlackIce Server Protect 3.6cno and below
Remote:
Remotely Executable from Local and Trusted Networks
Vulnerabilities:
Unprivileged User Attack
Technical Details:
Unprivileged User Attack was originall
> > As
> > I explained in other of my posts in this and the
> related "AV Naming
> > Convention" thread, in general by far the largest
> "cost" of naming
> > disagreement is borne by the users in the early
> hours of large-scale
> > outbreaks.
Forget the whole naming thing...it's been bandied
#
## Advanced usage of system() function ##
#
1. Introduction
In a last few years a lot of new patches for kernel
which improve
security became ava
If you are going to try and bash Microsoft for doing something, maybe
you should at least look at some of the documents surrounding the
reasons for doing it, and then be accurate:
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx#XSLTsection127121120120
and a documented a
There's a windows irc thingy running around infecting xp boxes.
Here's the info where it connects to.
thewhore.dynu.net:6667
currently thewhore.dynu.net resolves to
then it joins the channel #h4x0r1337 using the key leet
Your host is Irc.Maneyik.OrG, running version Unreal3.2.1
There were over 150 bo
The problem with M$'s patches/updates/fixes/sp's is that they assume
they know better than you what the settings should be, and without
asking they override any current settings.
IMHO they would not take so much heat, and provide better service if
they would test the current settings, and befo
> Interesting, yet, so far lacking in any real evidence that Idefense was
> the force behind their demise. Is there something other than hearsay and
> conjecture to back up the claim?
nope. nothing concrete. then again, if it was a fabricated claim, wouldn't it
make sense to fabricate 'evidence'
hi peter,
i thought the phisher is trying to add my
inputs to a file (fopen(palka.txt)) and then redirect it to paypal. but
there's an error in the paypal.php script.
Warning: fopen(palka.txt): failed
to open stream: Permission denied in /usr/home/patrolsafe/public_html/cgi-bin/paypal.php
on lin
Hi Roman,
Funny phishing attempt.
None of the information that you submit are sent to the bogus site. All
referals seems to point to the legit PayPal website. Especially the login
and sign up information would be useful to a "Phisher", but this also goes
to the legit site. I wonder ...
Regards
P
> I can easily understand how someone unversed in the _market forces_
> pertaining to antivirus software could hold that position, and as a
> theoretical solution to the problem of lack of cross-vendor naming
> coordination it has often been suggested even by those who know it
> would never work i
[EMAIL PROTECTED] wrote:
> With the SP2 RC1 McAfee could not update dats. Framework could not
> start. Had to set settings manually.
> Has this been fixed in the final version?
>
> the settings:
>
> To fix Virus scan 7.0
>
> *Run "dcomcnfg" from the DOS prompt
> Select "Component Services"
> Se
Brad Griffin wrote:
I am yet to come across a 'large' company or enterprise that uses separate
brand av applications for desktop and server solutions. It makes economic
and logistic sense to use one vendor for your av solution that is deployed
at different levels (or layers if you prefer that te
YAPPS = yet another paypal phishing scam...
leads to: http://www.paypal.com/[EMAIL PROTECTED]/cgi-bin/login.html
=> http://patrolsafe.co.uk/cgi-bin/login.html
btw: there are a few errors in the paypal.php script located in /usr/home/patrolsafe/public_html/cgi-bin/
good luck the official pa
You misunderstood original post IMHO
Your 4 y. old htmls don't crash my XP just hang before I kill IE (no
prob if not exploitable).
Originally posted html BSOD OS ok let me rephrase Blue Screened XP DEAD
caput which is huge difference.
For now it seems to me as video driver issue as it depends on
Will Image wrote:
no it's not that we are stupid. i first installed sp2
on my machine. when it wasn't working right i decided to
backup any important files and reformat and try
installing sp2 on a clean install out of the box
sp2 has a shitload of problem.. i'm sorry that you
can't recreate the sam
Luke Lussier wrote:
[EMAIL PROTECTED]
On Aug 12, 2004, at 10:19 PM, Phillip R. Paradis wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of xtrecate
Ultimately what difference to an end user does it make if the
applications
are broken by a service pack i