RE: [Full-Disclosure] TCP / IP

--- Richard Golodner <[EMAIL PROTECTED]> wrote: > > DB, what about file sizes larger than your original > window? Give us all a > little more detail as to how this might work. > Rich > The inital syn sends seq number mss source and dest ports to receiver

RE: [Full-Disclosure] Nessus experience

>>- Original Message - >>From: "Tate Hansen" <[EMAIL PROTECTED]> >> >> checks_read_timeout: maximum number of seconds to wait for a probe >> response: wait doing a recv() >> plugins_timeout: the maximum number of seconds of lifetime for a >> vulnerability check >> >> If you set checks_r

Re: [SPAM] [Full-Disclosure] Your daily internet traffic report

> > Most routers will regard any ICMP request to them as a low priority issue. > > do they? icmp is not only about 'echo'. there's lot of > other functions via type/code - fragmentation, mtu etc, > vital for traffic signalization. administrators, who > blindly closes all icmp traffic are plain stu

Re: [Full-Disclosure] Full-Disclosure Posts

[EMAIL PROTECTED] wrote: Should Full-Disclosure only allow so-called -real- names? I was on Nanog (a network admin list) and they have a rule where you can only NANOG is not even remotely a network admin list. It is comprised (mostly) of those folk who administer and make decisions on what we u

Re: [Full-Disclosure] Full-Disclosure Posts

Well, if it were a list for security professionals - with a consensus on what security was and with a shared view how to look and act professional - maybe. But then again, many people here would probably not qualify as security pro in the economic sense - they are not employed in security per sé, w

Re: [Full-Disclosure] Full-Disclosure Posts

I wonder how they handled the Cisco guy whose actual legal name was 'megazone' (Without the quotes, IIRC). Or the chinese couple that wanted to name their kid '@'? (The symbol ususally pronounced as 'at'). On Sat, 16 Oct 2004, [EMAIL PROTECTED] wrote: > Should Full-Disclosure only allow so-cal

Re: [Full-Disclosure] Google Desktop Search

Not necessarily -- that's what "salt" characters are for in crypto. Check out "Applied Cryptography". The added value is that if you have the plain text password, you have the password, if you have the hash, you still have to crack it, or BF it. MD5sum is one of the methods that Unix/Linux use

Re: [Full-Disclosure] Senior M$ member says stop using passwords completely!

Hello Mr Espinola, > That much is obvious. Read the the full article, do a little > background research and get back to us when you reach a more sensible > conclusion. The reason for my post was to point out that Mr. Hensing doesn't appear to be a reliable source of information on the topic of p

Re: [Full-Disclosure] Full-Disclosure Posts

Exelent Idea.. ;-P On Sun, October 17, 2004 0:15, [EMAIL PROTECTED] said: > Should Full-Disclosure only allow so-called -real- names? I was on > Nanog (a network admin list) and they have a rule where you can only > post with a first and second name, instead of an alias or nick, to > kind of give

[Full-Disclosure] TCP / IP

I am just a student learning about TCP/IP and dont know where to post this idea, figured posting it here would get me some flames and links. Why not make the window the size of the file to be transmitted and the ack back have the segments missing thereby reducing overall overhead and lag time. ie

[Full-Disclosure] Full-Disclosure Posts

Should Full-Disclosure only allow so-called -real- names? I was on Nanog (a network admin list) and they have a rule where you can only post with a first and second name, instead of an alias or nick, to kind of give more credibility that you are a security professional and not a hax0r or script kid

Re: [SPAM] Re: [SPAM] [Full-Disclosure] Your daily internet traffic report

On Sat, 16 Oct 2004, Willem Koenings wrote: > > Most routers will regard any ICMP request to them as a low priority issue. > > do they? icmp is not only about 'echo'. there's lot of > other functions via type/code - fragmentation, mtu etc, > vital for traffic signalization. administrators, who > b

Re: [Full-Disclosure] Full-Disclosure Posts

>Should Full-Disclosure only allow so-called -real- names? Excellent idea. I'll go first. -- http://www.malware.com ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

Re: [Full-Disclosure] Google Desktop Search

Yahoo! is the lamest network online corp wise. The queuing up of security reports and the priority of them is all wrong, me thinks they are a tad under staffed I can access admin areaz of Yahoo!, I have various screenshots to prove it. I gave up contacting Yahoo! after they failed to be polit

Re: [Full-Disclosure] Outlook "cid:" handling - Request for Information

The download restriction is in refernce to remote files. CID: is 'content id' it references the content of the appropriate boundry of the MIME mail message. Which in this case would be an image. The image is encoded and embedded within the mail message itself. Not on a remote server and doe

Re: [Full-Disclosure] Google Desktop Search

What is the added benefit of sending MD5 hashes instead of plain-text passwords? I mean, the MD5 hash will be the same for the same password, isn't it? I hope that Yahoo has implemented something more complicated that that, otherwise it is plain pointless. -- rem. [EMAIL PROTECTED] wrote: Rea

Re: [SPAM] [Full-Disclosure] Your daily internet traffic report

hi, > Most routers will regard any ICMP request to them as a low priority issue. do they? icmp is not only about 'echo'. there's lot of other functions via type/code - fragmentation, mtu etc, vital for traffic signalization. administrators, who blindly closes all icmp traffic are plain stupi

[Full-Disclosure] [FLSA-2004:2072] Updated CUPS packages fix security vulnerability

--- Fedora Legacy Update Advisory Synopsis: Updated CUPS packages fix security vulnerability Advisory ID: FLSA:2072 Issue date:2004-10-16 Product: Red Hat Linux, Fedora Core Keywords

Re: [SPAM] [Full-Disclosure] Your daily internet traffic report

Hugo van der Kooij wrote: On Sat, 16 Oct 2004, RandallM wrote: Router locationindex router1.iust.ac.ir Iran (Tehran) 29 Which one of you are attacking Iran http://www.internettrafficreport.com/asia.htm I am a bit puzzled. Why o they think that some ra

[Full-Disclosure] [FLSA-2004:1237] Updated gaim package resolves security issues

--- Fedora Legacy Update Advisory Synopsis: Updated gaim package resolves security issues Advisory ID: FLSA:1237 Issue date:2004-10-16 Product: Red Hat Linux Keywords: Bugfi

[Full-Disclosure] bmon exploit

details included inside the script Idan. bmon.sh Description: Binary data

Re: [Full-Disclosure] Senior M$ member says stop using passwords completely!

On Sat, 2004-10-16 at 09:46, Tim wrote: > Even if this was a new attack, a full rainbow table shouldn't be > possible against a secure hash. True if the hashes are salted. (with more than one byte please, otherwise they just use 256 DVDs :) > "Pass-phrase LENGTH, not complexity defeats these att

Re: [Full-Disclosure] Any update on SSH brute force attempts?

On Fri, 2004-10-15 at 23:23, Kevin wrote: > Use one time passwords (OTP, e.g. S/Key). How about: Require (long) DSA keys? I'd like to see someone brute-force trough a 4096 bit key :) Cheers, Frank signature.asc Description: This is a digitally signed message part

RE: [Full-Disclosure] Senior M$ member says stop using passwords completely!

I did. He said stop using "passwords". I'm not flamming, I was passing on an article. thank you Randall M <|>-Original Message- <|>From: Aviv Raff [mailto:[EMAIL PROTECTED] <|>Sent: Saturday, October 16, 2004 10:19 AM <|>To: 'RandallM'; [EMAIL PROTECTED] <|>Subject: RE: [Full-Disclos

Re: [SPAM] [Full-Disclosure] Your daily internet traffic report

On Sat, 16 Oct 2004, RandallM wrote: > Routerlocationindex > router1.iust.ac.irIran (Tehran) 29 > > Which one of you are attacking Iran > http://www.internettrafficreport.com/asia.htm I am a bit puzzled. Why o they think that some random routers and I

Re: [Full-Disclosure] Senior M$ member says stop using passwords completely!

On Sat, 2004-10-16 at 11:46, Frank Knobbe wrote: > It's a nice recommendation of MS to make (to use long passphrases > instead of passwords). But I don't consider 14 chars a "passphrase". > Perhaps they should enable more/all password components to handle much > longer passwords/phrases. heh... I

Re: [Full-Disclosure] Senior M$ member says stop using passwords completely!

That much is obvious. Read the the full article, do a little background research and get back to us when you reach a more sensible conclusion. Reactionary conclusions based on obvious article 'skimming' make it apparent you didn't do your homework before posting. FWIW I have used "rainbow" table

[Full-Disclosure] Your daily internet traffic report

Router locationindex router1.iust.ac.ir Iran (Tehran) 29 Which one of you are attacking Iran http://www.internettrafficreport.com/asia.htm thank you Randall M ___ Full-Disclosure - We believe in it. Ch

Re: [Full-Disclosure] Senior M$ member says stop using passwords completely!

> http://blogs.msdn.com/robert_hensing/archive/2004/07/28/199610.aspx Jesus, that guy just doesn't get it, does he? "Pre-computation attacks are a somewhat new and interesting phenomenon we are starting to encounter 'in the wild' through chainsaw security consultants. What they do is they pre

RE: [Full-Disclosure] Senior M$ member says stop using passwords completely!

No... Senior Microsoft member says: use passPHRASES instead of passWORDS. You should read the article before you start flaming. -- Aviv. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of RandallM Sent: Saturday, October 16, 2004 3:14 PM To: [EMAIL PROTEC

RE: [Full-Disclosure] Re: Any update on SSH brute force attempts?

Jay wrote-> ---> Hola a Colombia, Fabio! ---> y Cc: al listo - That's some funny shit mate...security aside ,I've LMAO at this all afternoon. Keep up the good parody. Thanks. Sean. ___ Full-Disclosure - We believe in it. Charter: http://lists

Re: [Full-Disclosure] Re: Any update on SSH brute force attempts?

> And the few present users attempted: > adm > apache > nobody > operator > root In addition to what others have suggested, you could use PAM to enforce account lockouts in the event that the attacker does focus the attempts on a real account. The Linux module for this is pam_tally. You can als

[Full-Disclosure] Senior M$ member says stop using passwords completely!

http://blogs.msdn.com/robert_hensing/archive/2004/07/28/199610.aspx thank you Randall M ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure

[Full-Disclosure] Re: Any update on SSH brute force attempts?

Hola a Colombia, Fabio! y Cc: al listo - Personal aside (others read on below please), Many years ago, my father used to travel there (and many other places in South and Central America) on business. My travels have been fairly wide, but have not yet taken me to your country. Some day! It's a g

[Full-Disclosure] [SECURITY] [DSA 568-1] New cyrus-sasl-mit packages fix arbitrary code execution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 568-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze October 16th, 2004

Re: [Full-Disclosure] Writing Trojans that bypass Windows XP Service Pack 2 Firewall

Sometimes too much truth hurts. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html