Hi all
OK - here is a basic question - sorry if this is totally clueless.
I have a client who runs a heavy engineering shop. To date all his
computerised punches and bend breaks etc. have been driven via a windows CAD
workstation talking to them on a serial cable - basically a data dump to the
if you try to connection request about 80 90 times on same time.. it gets a crash..
i attached a ddos exploit to this mail..
--
__
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your
Would just the source code work? Or do you need to have it already compiled?
Try Google... there are plenty of places online that allow you to
download virus/worm source code. Some of them even have them even have
the compiled binaries posted to boot.
~G
On Mon, 30 Aug 2004 12:46:41 -0500,
Agree with your answer - in fact, I've successfully booted the Live
Knoppix version from a 1GB USB stick. Took some configuring, but runs
beautifully once done.
If you can get it to work, or worried it might, it has EVERYTHING to
do with a security mailing list! Lets say I have physical access to
if you try to about 80 or 90 conection request to the VNC server same time.. it
gets crash.. i attached a stupid ddos exploit for this hole..
--
__
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and
Very interesting situation. To be honest I've never tried to
experiment with such a setting in a virus lab, however I do know that
viruses can travel via any electronic means of communication. Back
before RJ-45 jacks were used much, NICs had serial or BNC plugs
instead. Viruses traversed through
as reported on /. there is an interview with a slave of the empire:
http://www.wired.com/wired/archive/12.09/view.html?pg=3
-
Q: Seems like you're fighting a losing battle.
A: It's not a switch that can be flipped. Software written by humans
will always contain errors.
-
i'm working to say that is not ddos it must be just dos.. i hope this mail reach..
- Original Message -
From: Orhan BAYRAK [EMAIL PROTECTED]
Date: Tue, 31 Aug 2004 02:58:20 +0800
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] RealVNC 4.0 remote ddos vulnerability with stupid
lol, well if they don't allow us (IT staff) to do our jobs, then they
will REALLY be upset when it's offline for 18 DAYS since it's broke.
=)
I'm sure there are viruses out there (older ones mind you) that would
be aware of a serial connection. The reason no newer ones would... who
uses a serial
Dibs on December 32nd!
On Fri, 27 Aug 2004, Nomen Nescio wrote:
Rhetorical question: Does anyone know of a day of the year when it is not someone's
security awareness day? If they are not all taken, maybe I'll proclaim my own.
--
Galt's sci-fi paradox: Stormtroopers versus Redshirts to the
BIG ASS SNIP
SUMMARY:
IMHO even using packet writing this is not a good solution for log
handling, but maybe ok for log archiving on a remote log server (which
we would hope not to be compromised until after logs were written, at
worst).
DOWN TO IT:
The principle of using WORM media for storing
Missed this email - for some reason Gmail sent it to the spam folder. (?)
I've yet to have an issue booting to my 6-in-1 card reader. Maybe I'm
lucky since I noticed the Sony Memeory stick I was booting from (for
Knoppix, before I purchased a 1GB USB Stick) is the first drive listed
when plugging
#
Application: MSInfo
Vendors: http://www.microsoft.com
Platforms: Windows 2000
Bug:Msinfo32.exe BOF
Risk: Low
Exploitation:Local
Date: 30 August 2004
Author: Emmanouel Kellinis
Yes it must be just DOS
- Original Message -
From: KF_lists [EMAIL PROTECTED]
Date: Mon, 30 Aug 2004 17:39:43 -0400
To: Orhan BAYRAK [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] RealVNC server 4.0 remote ddos vulnerabilitywith exploit
And why exactly is this a ddos? I see
And why exactly is this a ddos? I see nothing distributed about it. How
about you drop one of the d's in your description.
-KF
Orhan BAYRAK wrote:
if you try to connection request about 80 90 times on same time.. it gets a crash.. i attached a ddos exploit to this mail..
Quoting Stephen Toulouse, Microsoft's security program manager, Security is
really an industry-wide problem. Just this morning I had to install an
update to Firefox to block a flaw that would've allowed an attacker to run a
program on my system. We're working around the clock to make Internet
I might also suggest that it is likely (although not guaranteed, maybe
ask the manufacturer) that the application will put a full lock on the
RS232 comms, and as such, a virus could only transfer data to the OS /
program if the lock was removed (program was closed).
As for viral infections via
I think at best you could succeed in crashing the process or executing code
in the context of the user running msinfo32.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of E.Kellinis
Sent: Monday, August 30, 2004 11:17 PM
To: [EMAIL PROTECTED]
Subject:
First of I would like to explain the first reason of this short
solicitation e-mail.
As most of you know a major part of subscribers to this mailling list are system
administrators using full-disclosure as a tool to stay up to date on
security. For many system administrators it is not always easy
On Mon, 30 Aug 2004, Jean Gruneberg wrote:
So the question is, is a pc / machine connected to another pc via serial
cable only using specialised windows software to move data to the machine at
all vulnerable to viruses? Can they transmit themselves across a serial
cable?
You are confusing
Über GuidoZ wrote:
even though it's officially a serial connection... the assumtion is
talking about RS232 specs: http://www.google.com/search?q=rs232 I
think we're all aware a virus can most certainly traverse through a
USB connection.)
hm, i fail to see the point here. isn't a serial connection
Über GuidoZ wrote:
even though it's officially a serial connection... the assumtion is
talking about RS232 specs: http://www.google.com/search?q=rs232 I
think we're all aware a virus can most certainly traverse through a
USB connection.)
hm, i fail to see the point here. isn't a serial connection
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Gwee (generic web exploitation engine) has been ported to Microsoft Windows
(x86), the 1.36 version tarball comes with gwee.exe - precompiled with https
support.
Get it at: http://tigerteam.se/dl/gwee/
gwee (Generic Web Exploitation Engine) can
So the question is, is a pc / machine connected to another pc
via serial cable only using specialised windows software to
move data to the machine at all vulnerable to viruses? Can
they transmit themselves across a serial cable?
It all really depends on how transport independent
24 matches
Mail list logo
