Hi!
[EMAIL PROTECTED] [2005-03-02 5:58 -0800]:
The vulnerability specifically exists due inproper use of then
strncpy function.
The vulnerable code is shown below:
-- snip --
char name[128];
-- snip --
if (ghbn_cache[i].order 0)
{
if (strncmp(name,ghbn_cache[i].name,128) == 0)
no way, really?
On Wed, 2 March, 2005 22:37, Roberto Arias said:
Ignore this message. Testing the maillist
pingywon wrote:
not too /Smart/ you are John
- Original Message -
*From:* John Smart mailto:[EMAIL PROTECTED]
*To:* full-disclosure@lists.netsys.com
===
Ubuntu Security Notice USN-90-1 March 03, 2005
imagemagick vulnerability
CAN-2005-0397
===
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty
[complete snip]
What amazes me most having read this whole thread, is not so much that
a server may have been hacked; this happens if you gain enough
attention from the wrong people and do not build your systems hard
enough (like people in a failing company).
I am amazed that a forensics box was
tru$tworthy computing in action.
- Forwarded message from Shane Hird [EMAIL PROTECTED] -
Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
Precedence: bulk
List-Id: bugtraq.list-id.securityfocus.com
List-Post: mailto:bugtraq@securityfocus.com
List-Help: mailto:[EMAIL PROTECTED]
hahaha i thought it was hilarious
On Thu, 3 Mar 2005 11:49:25 +1300, VeNoMouS [EMAIL PROTECTED] wrote:
ummm WHO GIVES A SHIT??
- Original Message -
From: [EMAIL PROTECTED]
To: full-disclosure@lists.netsys.com
Sent: Thursday, March 03, 2005 5:47 AM
Subject: [Full-Disclosure] PIVX IS
hi list !
I seeking a source code to retrieve Internet Explorer stored passwords,
like CanAbel do.
If someone had this...
Fred
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
This is almost certainly caused by the old, old, slashdot formatting
bug in the gecko redering engine. I've noticed it's been happening a
bit more frequently in the past day or so, as well. A workaround is
to decrease and then increase the text size (Ctrl-minus,Ctrl-plus),
which forces the
On Wed, Mar 02, 2005 at 08:47:41AM -0800, [EMAIL PROTECTED] wrote:
It is common knowledge amongst the security community that the
reverse shell merger (lowest form of financing generally reserved
for penny stocks and mining stocks) company called PIVX SOLUTIONS
INC has zero traction since its
Wow, James.
Very nice analysis.
You've drawn invalid conclusions based on speculations, but it's the thought
process that matters most in incident response, and you've got a decent ability
to infer possibilities from limited information. At least you get yourself to
the point where you can ask
Hello Frederic,
Thursday, March 3, 2005, 1:27:17 PM, you wrote:
FC hi list !
FC I seeking a source code to retrieve Internet Explorer stored passwords,
FC like CanAbel do.
FC If someone had this...
FC Fred
FC ___
FC Full-Disclosure - We believe in
In a good company Incidence Response isn't dictated by any of what you
said above. It's dictated by policy. Because if you stand around too
long gathering all the information, be it usable or not, you're doing
2 things.
1. You're wasting time.
2. You're possibly prejudicing yourself to one
Anyone know of any free tools to analyze what changes have been made
to a Windows 2000/XP registry?
Thanks,
...D
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
You can, of course, use regmon (sysinternals.com) to monitor the
registry 'live' while changes are being made, however it sounds like you
want a product that would analyse the reg, then re-analyse after
installation, and report on changes.
This would indeed be a handy tool. Anyone know of
Danny wrote:
Anyone know of any free tools to analyze what changes have been made
to a Windows 2000/XP registry?
Thanks,
...D
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
try Regshot. Didin't
Sysinternals Regmon. http://www.sysinternals.com/ntw2k/source/regmon.shtml
Laters,
Dave King CISSP
http://www.thesecure.net
Danny wrote:
Anyone know of any free tools to analyze what changes have been made
to a Windows 2000/XP registry?
Thanks,
...D
___
http://www.sysinternals.com/ntw2k/source/regmon.shtml
Check out all their stuff - filemon is the cousin app for watching
file systems.
On Thu, 3 Mar 2005 10:35:49 -0500, Danny [EMAIL PROTECTED] wrote:
Anyone know of any free tools to analyze what changes have been made
to a Windows 2000/XP
On Thu, 3 Mar 2005 16:14:03 -, Cassidy Macfarlane
[EMAIL PROTECTED] wrote:
You can, of course, use regmon (sysinternals.com) to monitor the
registry 'live' while changes are being made, however it sounds like you
want a product that would analyse the reg, then re-analyse after
Another possibility for static analysis would be to use Regedit to
export the registry to a text file before and after and then use WinDiff
or ExamDiff or some other file comparison utility to find the changes
for you.
Laters,
Dave King
http://www.thesecure.net
Cassidy Macfarlane wrote:
You
On Thu, 2005-03-03 at 10:35 -0500, Danny wrote:
Anyone know of any free tools to analyze what changes have been made
to a Windows 2000/XP registry?
There used to be a company/product called Intact, which provided change
monitoring of Registry settings as part of its HIDS offerings. I'm not
sure
Title: Message
I am trying to write
a program to help people who are addicted to internet pornography. This
application would be tied into an online service where someone could sign up for
monitoring, and download a thin client app. The application would run in
the background of the
Use RegMon for real-time Reg watching and try this product for Snapshot
compares. I haven't used it but it looks to be fun and there is a
write-up in PCWorld about it.
---
Readme file of Regshot 1.61 2002/03/30
Eric Windisch wrote in message news:[EMAIL PROTECTED]
Perhaps this is just the Unix user in me, but I ask:
How about just making a copy of the registry on boot (or at intervals)
and compare it to the last copy?
Note that the following example is untested, but should be mostly
accurate.
I believe the software is Softex TheftGuard. I wonder how this is
possible. I understood that most modern BIOS are protected against
writing. I know there are a fiew viruses that can write to the BIOS?
Anybody know how to store a small program there?
-Original Message-
From:
On Thu, Mar 03, 2005 at 01:44:39PM -0500, Matt Marooney wrote:
I am trying to write a program to help people who are addicted to internet
pornography.
That is very nice of you.
This application would be tied into an online service where
someone could sign up for monitoring, and
Thanks for the feedback Valdis!
I've been doing some reading about custom BIOS chips that include
security programs, so that may not be the way I want to go...
I definatly want the program to behave like spyware, but not show up on
scanners! :)
The intent of the BIOS portion of the program was
Cassidy Macfarlane wrote in message
news:[EMAIL PROTECTED]
You can, of course, use regmon (sysinternals.com) to monitor the
registry 'live' while changes are being made, however it sounds like you
want a product that would analyse the reg, then re-analyse after
installation, and report on
On Thu, Mar 03, 2005 at 01:44:39PM -0500, Matt Marooney wrote:
I am trying to write a program to help people who are addicted to internet
pornography...
This application would be tied into an online service where
someone could sign up for monitoring, and download a thin client app. The
Very true, and I'm sure that I am not going to be able to keep people
from getting around it, I just want to make it really really hard.
Obviously, if the person is smart enough to boot to a different OS,
setup their internet connection on that OS, and browse, then they are
not going to be using
Yes, absolutely. It's called InCtrl5 and it is *exactly* what you both
want.
Found it :
http://publicdata.home.comcast.net/inctrl5.zip
Also note : this is Plugin #56 on PartPE (which would be quite useful
for forensics -- you could boot the undisturbed system under BART, grab
a snapshot, do
On Mar 3, 2005, at 11:40 AM, Christian Leber wrote:
3. I would like to figure out a way to monitor traffic for multiple
protocols (HTTP, FTP, File Sharing, Chat, etc.) . I'm wondering
if there
is a way to figure out bad requests on a packet level.
In the end you are either a
Anybody know how to store a small program there?
It's easy. Use an EEPROM programmer.
On write protected BIOSes all you have to do is figure out which pin
is write_enable (get a pinout from the web) and figure out if that pin
goes to +5v or ground to do what you want. Jumper accordingly.
On Thu, 03 Mar 2005 20:40:00 +0100, Christian Leber said:
There is no reason why someone would sign up for a service that installs
some application that is invisible and not removable and sents data to
some service.
That's assuming of course that the user actually signs up for the service.
Thank you for your wonderful sarcastic wit and humor for the end of my
day. I'm not sure if you checked before making your comments, but there
are already services out there that do this...and make money doing this.
Contrary to popular belief, there are people in the world that want to
get help
On Thu, 03 Mar 2005 15:33:09 EST, Matt Marooney said:
The intent of the BIOS portion of the program was just to have a small
bit of code that checked for the existence of the main monitoring
program on the disk, and if it was not there, reload it somehow.
The main program would run from
No, it would be completely useless. In case you didn't realise, the
registry is not an ASCII text file, it's megabytes of unintelligible binary
gibberish.
True, but there are many programs (the Linux Registry Editor, for
example) that can open it.
Very interesting software indeed, though i am not sure how many people
would like you keeping them honest and nice! Also, i wont be surprised
if someone soon attacked your website for making something that ruined
one of the few businesses on the net that make real money, namely
porn. Not that I am
Hmm... That's all true... Especially the motivated user part :)
I'm banking on the probability that most people don't even know what a
BIOS is. If they go to a site, and sign up for the service, after
entering their info, and email recipients, they would be prompted to
continue and download a
The program in question is quite legitimate in nature and already
exists in several forms.
In some instances, it sends the data to 'accountability partners'
who are your chosen peers that monitor your activity.
Think of it as AA for online porn. Online porn has become a
real problem for males age
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Bill Humphries wrote:
Closing the colleges and sending the youth to work on collective farms
was big in the 1960's.
Now that the communists are gone, someone has to step into their place.
S - don't give the Republicans any more bright ideas...
Regards,
Brent
--
No virus found in this
Hello,
Out of curiousity, isn't it possible/easier to monitor those stats by
viewing your firewall traffic logs?
Goodbye,
Edgardo
On Thu, 3 Mar 2005, Matt Marooney wrote:
I am trying to write a program to help people who are addicted to
internet pornography. This application would be tied into
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Title: Bios programing
Your best bet would be a pci card that
At boot time emulates a ide controller via a compaq flash device and has its own mbr that loads a minni os ala msntv that provides a virtual driver for
Both win and unix platforms ala vmware
That's job is to stream
Matt wrote:
In a good company Incidence
Response isn't dictated by any of
what you said above. It's dictated
by policy.
Good point. Even in a good company, though, incident response often occurs
outside of policy.
An incident response professional who works for clients during emergencies
On Thu, 2005-03-03 at 19:39 +, Dave Korn wrote:
No, it would be completely useless. In case you didn't realise, the
registry is not an ASCII text file, it's megabytes of unintelligible binary
gibberish.
The registry can be exported to ASCII text, edited, and re-imported.
Have you ever
One of the buffer overflows in unace-1.x affects unace-2.x as well.
The Gentoo guys originally found this in a bug report [1] where they
were testing unace-2.2 after upgrading unace-1.2b. As stated there,
unace-2.2 crashes when listing (l), testing (t) or verbosely listing
(v) my bufoflow1.ace
Matt, maybe you should not be so concerned with
trying to put code into the bios; but, rather
install it to the boot sector of the hard drive.
That is copy the monitoring program to the boot sector
That will launch the service you are talking about
And that service can also rewrite itself
Anyone know of any free tools to analyze what changes have been made
to a Windows 2000/XP registry?
Regmon - www.sysinternals.com best and free
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
On Mar 3, 2005, at 1:39 PM, Matt Marooney wrote:
Exactly, thank you Randall. I appreciate your feedback, I'll check
into
your suggestions further.
I like the way you put, this is targeted at adults who are trying to
curb their own behavior. Seems like this list needs more people like
that! ;)
You can, of course, use regmon (sysinternals.com) to monitor the
registry 'live' while changes are being made, however it
sounds like you
want a product that would analyse the reg, then re-analyse after
installation, and report on changes.
I don't know if a free tool like this exist but norton
I don't know if I would want to contribute tio something like this. I
mean this seems like a job for depth psychologists not technical people.
Remember no matter how noble a cause is in theory providing tools for
opression is not a good idea. What you want to do is create unremovable
spyware.
Good God Orwell was right. I mean this is all about terrrorizing and
theatening people. It's just evil. It would be just as easy for some
adware person to accidentally cause something like this to happen for
other less noble reasons. There are probably some pathes we shouldn't go
down nor aid
Title: Message
does
this not look like a big brother watching scheme ?
and
with what areu trying to do how can u monitor if I access all the things
from my own proxy over encrypted tunnels using my own custom protocol
encapsulated over tcp/ip. u cannot detect it
but
from your post it
Surely you can simply export before and after your action and use
windiff on the two files
Mark Handy
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Eric
Windisch
Sent: 03 March 2005 21:48
To: Dave Korn
Cc: full-disclosure@lists.netsys.com
Subject:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Matt Marooney
Sent: Friday, March 04, 2005 01:35 AM
I want this software to help people who want help, to keep them honest,
and unaware that their system is monitoring activity.
I still don't see any
InstallWatch/InstallRite is a nice tool. Basically, you do a system
snapshot, and then analyze. Registry modifications/additions/deletions
between the snapshot and analysis will be detected by the program. It
can be found here
http://www.epsilonsquared.com/
It can also monitor
I'm banking on the probability that most people don't even know what a
BIOS is.
If your main security is through obscurity then just wait untill someone
post a way to bypass this program and removal instrctions on the net.
On Fri, 04 Mar 2005 09:46:54 +0530, Aditya Deshmukh said:
tell me how me people are going to use a guest accont on their own computer
and then be able to use the computer normally ?
Actually, if the regular user needs more than guest privs to do their
*normal* stuff, the system's security
59 matches
Mail list logo
