Thanks for the interesting reading Mike. =) Good stuff there.
--
Peace. ~G
On Sat, 25 Sep 2004 00:08:19 -0500 (CDT), Mike Barushok
<[EMAIL PROTECTED]> wrote:
>
> Back in the day, 1994 to be exact, there was a virus that with the
> commonly available tools was quite difficult to eliminate, and
>
Well Put.
Regards,
Nancy Kramer
Webmaster http://www.americandreamcars.com
Free Color Picture Ads for Collector Cars
One of the Ten Best Places To Buy or Sell a Collector Car on the Web
At 11:15 AM 9/24/2004, Barry Fitzgerald wrote:
Frank Knobbe wrote:
On Fri, 2004-09-24 at 09:15, Barry Fitzgerald
Nagios or netsaint (or anything else that simply
connects to TCP/21 without authenticating) being used to
monitor FTP?
On Fri, 24 Sep 2004, ken wrote:
> Does anyone recognize this behavior? This has been occurring
> for a while. I am curious as to what would cause this. This
> has been happeni
Back in the day, 1994 to be exact, there was a virus that with the
commonly available tools was quite difficult to eliminate, and
which was usually detected by effects rather than the presence
on disk, or in main memory.
One of the effects it had was to "delete or stops the execution
of programs
On Fri, 24 Sep 2004, joe wrote:
> Again, there are valid uses of GetTickCount and there are safe ways of doing
> so. If there is concern, I do recommend testing functionality associated
> with each of the DLLs. You might find a bug you can report for kudos.
>
> On the incident, I would guess the v
The last Windows OS that had that problem, as I recall, was the original
release of Windows 95. MS issued a patch and said they never thought someone
would leave a computer turned on that long.
Maybe this "Windows server" is actually running on Windows 95? Kind of
sounds par for the gov.
Ray
F
Again, there are valid uses of GetTickCount and there are safe ways of doing
so. If there is concern, I do recommend testing functionality associated
with each of the DLLs. You might find a bug you can report for kudos.
On the incident, I would guess the vendor never had a clue it would do that.
several things:
1) the site is dead now. 403 Forbidden, for some reason.
2) the guy who posted it to this list isnt/wasnt the maintainer. ie,
he didnt write the about.html.
3) yes, it is illegal in most countries to participate in this. we can
pretty safely assume that thats why the site is now dea
>
> > C:\WINDOWS\system32>find "GetTickCount" kernel32.dll
> >
> > -- KERNEL32.DLL
> > GetTickCount
>
> Umm yeah. That would be the DLL that exports the function. :o)
Yes, perhaps, but do a search in \windows and \windows\system32 and you will
find several program using (or exporting;) t
Other articles state that as
"which replaced the original servers with off-the-shelf Dell hardware
running Microsoft Windows 2000 Advanced Server"
Also there are other mentions of Windows Servers replacing UNIX servers.
Don't think I have ever met someone who would be willing to call Win9x a
se
> C:\WINDOWS\system32>find "GetTickCount" kernel32.dll
>
> -- KERNEL32.DLL
> GetTickCount
Umm yeah. That would be the DLL that exports the function. :o)
Anyway, even if it is used, if used with understanding of the data value
range it can used safely. I have used it safely (as have many
The advisory seems to miss a few things...
Here's a small paper I started to put together
to fill in the blanks (and then explain how
everything fits together). It's by no means
complete (as a metter of fact, it's barely
started, but still wanted to mention a few
things not covered by the advisory)
On Thu, Sep 23, 2004 at 12:05:02PM -0400, [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote:
> Skill is skill.
This is self-referential.
> That said I am willing to bet that if they are able to actually write a kit
> they would be able to eventually track down someone selling them on the web.
> If they
On Fri, 24 Sep 2004, joe wrote:
> It says right in the article they were running Windows 2000 Advanced Server.
> The systems were not impacted by the Win95 hang bug. Almost certainly
> Windows was fine... period.
Ahem... the most informative piece I could find reads:
http://www.latimes.com/news/
On Fri, 2004-09-24 at 15:55, Ron DuFresne wrote:
> > Who do we
> > blame? Operators or products?
>
> or vendors. you forgot vendors Frank! . vendors drive how other
> apps are produced for the environment, which drives how technical folks
> deal with them...
Heya Ron,
yeah, you're right. But w
Hi list,
Regarding "GetTickCount()" [1] it might be a good idea to schedule
reboot of Windows boxes within 49.7 days, just in case..
Even M$ folks do misstakes [2] when they are using this function.
Hm, i'm wonder what this is used for.. ? ;-)
C:\WINDOWS\system32>find "GetTickCount" kernel32.dl
[SNIP]
>
> Unfortunately, there is some truth in this. We (and not just the media)
> are starting to put blame on humans far too quickly. Is this justified?
> On one hand, they are only tools for us to do our job. On the other
> hand, they are products that we should be able to rely on. W
Date: September 24, 2004
Vendor: America Online Inc.
Issue: E-mail address disclosure and possible AIM account hijacking.
URL:http://groups.aol.com / AOL Keyword: Groups
Notes:
The following vulenerability in AOL's [EMAIL PROTECTED] feature can result in the
disclosure of an
AOL Instant
You certainly like to assume.
MS being aware doesn't mean they are involved. Even if they are, I suspect
they will not go around saying that the vendor screwed up. They will simply
help them with it. On a daily basis MS sends people into companies and
corrects and troubleshoots things vendors did
clearly m$ are involved in this "incident".
i don't want amateurs commenting on m$.
i want an official reply from m$.
is there any official m$ reply on the "incident" (hahahaha) ?
--
where do you want bill gates to go today?
On Fri, Sep 24, 2004 at 02:08:49PM -0500, Todd Towles wrote:
> But
On Fri, Sep 24, 2004 at 11:50:30AM -0400, joe wrote:
> > you know that "not able to comment" basically means "screwed" ?
>
> It does? I could think it means they talked to press people and they didn't
> want to just talk, they wanted to wait for someone who knew code could look
> into the issue. I
It says right in the article they were running Windows 2000 Advanced Server.
The systems were not impacted by the Win95 hang bug. Almost certainly
Windows was fine... period. The communication software puked based on the
same API function that the Windows 95 Dev guys screwed up with. The value
roll
...as if stupid app developers are solely the products of Windows environments.
No, but it's probably where you'll find more of them.
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
But you just said, there was a patch for the OS. It isn't like some one
month ago patch...this is years and years and years. The company decided
not to patch and to make the tech do a reboot every 30 days. He didn't
do his job, it states it right there.
Does Microsoft have crappy coding in Windows
Alle 16:08, venerdì 24 settembre 2004, ken ha scritto:
> Does anyone recognize this behavior? This has been occurring
> for a while. I am curious as to what would cause this. This
> has been happening on a wide range of IPs. Any hints would
> be appreciated, thanks in advance.
umh... maybe brutefo
ASB wrote:
~
Where issues like this relate to the OS is in the fact that the OS
itself shouldn't be brought down by a poorly designed app.
~
And where in that article did you read that the OS was brought down by
a poorly designed app?
Stop filling my inbox with your senseless blabber
Whore
..cant ya squeeze it into one post ?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Friday, September 24, 2004 11:51
To: 'Georgi Guninski'
Cc: [EMAIL PROTECTED]
Subject: RE: [Full-Discl
On Fri, 24 Sep 2004, ASB wrote:
> "The servers are timed to shut down after 49.7 days of use in order to
> prevent a data overload, a union official told the LA Times."
>
> How you managed to read "OS failure" into this is rather astounding...
The statement above, even though either cleverly disg
Does anyone recognize this behavior? This has been occurring
for a while. I am curious as to what would cause this. This
has been happening on a wide range of IPs. Any hints would
be appreciated, thanks in advance.
-k
Sep 23 18:02:45 webnode01 pure-ftpd: ([EMAIL PROTECTED]) [INFO] Logout - CPU
~
Where issues like this relate to the OS is in the fact that the OS
itself shouldn't be brought down by a poorly designed app.
~
And where in that article did you read that the OS was brought down by
a poorly designed app?
~~~
There were actually worse foul ups from poor developers using that function.
And I agree, the ones who did it weren't too intelligent or informed on what
they were dealing with. Doesn't mean that windows is a product of stupid
developers but parts of it could certainly be pointed at as an argument
I read that article differently than you.
It seems you read it that a system backup (i.e. something backing up data)
failed. I read that an operator didn't reboot the system and the software
designed to catch that and handle it failed.
"An improperly trained employee failed to reset the system
I agree you should be able to rely on the products.
What is apparently at fault here is a vendor using a value from a system
function incorrectly or if you wish, using an incorrect system function for
their purpose. I'm pretty confident they weren't rebooting these servers for
Windows to function,
>From the article
"The servers are timed to shut down after 49.7 days of use in order to
prevent a data overload, a union official told the LA Times. To avoid this
automatic shutdown, technicians are required to restart the system manually
every 30 days. An improperly trained employee failed to re
> are you speaking for m$?
Of course not, but I don't have the legal liability they have either and my
dev staff is the staff of one so I can get to the people in the know rather
quicker than MS. Plus I don't have to be politically correct and be nice
about it.
> you know that "not able to comm
If I could I would, policy is policy... Corporation rules, you know?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Geo.
Sent: Friday, September 24, 2004 10:27 AM
To: [EMAIL PROTECTED]
Subject: RE: [Full-Disclosure] Windoze almost managed to 200x repeat
9
Frank Knobbe wrote:
On Fri, 2004-09-24 at 09:15, Barry Fitzgerald wrote:
The article doesn't make the situation entirely clear. Did the app
intentionally restart the system and foul it? Did the restart occur
because the app crashed?
No, no, the problem was "human error" because a tech
On Fri, 2004-09-24 at 09:15, Barry Fitzgerald wrote:
> The article doesn't make the situation entirely clear. Did the app
> intentionally restart the system and foul it? Did the restart occur
> because the app crashed?
No, no, the problem was "human error" because a tech didn't reboot the
sy
>>Windows as a place in the computing world. On my fast computer behind
several NATed routers with a lot of games on it. It isn't a server OS.<<
I love the way the mouth says one thing while the headers say another...
Geo.
___
Full-Disclosure - We beli
joe wrote:
Nod. Some knucklehead used GetTickCount or clock() for their app and had no
clue about datatypes and overflows and range of possible values and some
people go off on Windows.
I was helping someone in the public newsgroups with a similar issue.
"Experienced" 10 year c coder who didn't und
Title: Re: [Full-Disclosure] Rootkit For Spyware? Hide your adware from all Adware removers and Anti-viruses
There
are several areas that programs can use to hide from AV without rootkits. ADS,
System Info Volume, Trash, etc.
The
scary part about rootkits becoming the norm in spyware is the a
On Fri, Sep 24, 2004 at 09:28:08AM -0400, joe wrote:
> Nod. Some knucklehead used GetTickCount or clock() for their app and had no
> clue about datatypes and overflows and range of possible values and some
> people go off on Windows.
>
joo,
are you speaking for m$?
the article clearly states:
"
I agree, Doesn't seem to be a Windows problem at all. Just look at how
many people jumped on the wagon and started to blame.
Windows as a place in the computing world. On my fast computer behind
several NATed routers with a lot of games on it. It isn't a server OS.
=)
-Original Message-
- Original Message -
>> That has nothing to do with Windows, and everything to do with a stupid
application.
>> ...as if stupid app developers are solely the products of Windows
environments.
>
>No. But according to that logic it seems that Windows is a product of
>stupid developers.
>
>h
On Fri, 2004-09-24 at 06:21, ASB wrote:
> That has nothing to do with Windows, and everything to do with a
> stupid application.
>
> ...as if stupid app developers are solely the products of Windows environments.
No. But according to that logic it seems that Windows is a product of
stupid develop
Nod. Some knucklehead used GetTickCount or clock() for their app and had no
clue about datatypes and overflows and range of possible values and some
people go off on Windows.
I was helping someone in the public newsgroups with a similar issue.
"Experienced" 10 year c coder who didn't understand wh
I can't get my head around the idea that this is not a bandwidth exhaustion attack which may be misconstrued as a DoS (hi to policy makers in brussels)...
In any case I do like the idea of denying the Spam mongerers their web presence.
I have a question from the /about.html on fightspam.nm.ru
Mike Nice wrote:
http://www.techworld.com/opsys/news/index.cfm?NewsID=2275
Next time think twice before replacing Un*x with Voles!
" The servers are timed to shut down after 49.7 days of use in order to
prevent a data overload,"
Hee hee, someone used the "milliseconds since bootup" counter as
That has nothing to do with Windows, and everything to do with a
stupid application.
...as if stupid app developers are solely the products of Windows environments.
-ASB
On Fri, 24 Sep 2004 11:32:29 +0200 (CEST), Feher Tamas
<[EMAIL PROTECTED]> wrote:
> http://www.techworld.com/opsys/news/index.
> http://www.techworld.com/opsys/news/index.cfm?NewsID=2275
>
> Next time think twice before replacing Un*x with Voles!
" The servers are timed to shut down after 49.7 days of use in order to
prevent a data overload,"
Hee hee, someone used the "milliseconds since bootup" counter as a timer
in
It sounds like the KIBUV.B
worm
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_KIBUV.B&VSect=T
Regards,
Alex
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]On Behalf Of Ryan
SumidaSent: 23 September 2004 18:42To:
[EMAIL PROTEC
http://www.techworld.com/opsys/news/index.cfm?NewsID=2275
Next time think twice before replacing Un*x with Voles!
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
52 matches
Mail list logo