failed.
--
Cheers, Chris Howells -- [EMAIL PROTECTED], [EMAIL PROTECTED]
Web: http://www.chrishowells.co.uk, PGP ID: 0x33795A2C
KDE/Qt/C++/PHP Developer: http://www.kde.org
pgpTbQzZkifG0.pgp
Description: PGP signature
___
Full-Disclosure - We believe
Da Plane, Da Plane.
http://www.microsoft.com/security/bulletins/200501_windows.mspx
Tuffer
I could fly like an eagle but weasels don't get sucked into jet engines
___
Full-Disclosure - We believe in it.
Charter:
of for years -- using up Lycos' bandwidth.
Resign or be sacked.
Um, isn't this the message Lycos is trying to send spammers?
Chris
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
be used to counterfeit bills.
It can be done with inkjet printers now.
Anyhow, my $0.02. I probably won't be buying a new (or old) color
laser printer in the near future.
Chris
--
Chris Umphress http://daga.dyndns.org/
___
Full-Disclosure - We believe
the same level of
anonymity that IRC gives to people. Or some poor soul's blog would be
overrun with comments. Unfortunately, all of the things you have
listed as the downside to IRC would happen anyway.
My 2c worth
--
Chris Umphress http://daga.dyndns.org
there is some great stuff developed on irc. have you ever used a
cvsbot? I just love those check-in privmsg notifications.
chris
==
'when all you have is a nail-gun, every problem looks like a messiah'
Danny wrote:
On Fri, 19 Nov 2004 17:10:13 -0500, Tim
[EMAIL PROTECTED] wrote:
My mistake; I
Be fair now...
NOTHING is more fucked up than the US election.
Not even Microsoft?
-ouch-
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
--
Chris Umphress http://daga.dyndns.org/
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
On Thursday, October 14, 2004 3:13 PM, Deigo Dude wrote:
ftp://ftp.hq.nasa.gov/pub/nickname/
The list contains the full name, email, phone, fax, position,
building, room, and employer. When will they learn.
It's also called FOIA: The Freedom of Information Act. _Anyone_can request
that
-existant).
arj does ask if you want to overwrite an existing file.
--- snip
[EMAIL PROTECTED]:/home$ ls -l /usr/local/bin/test.txt
/usr/bin/ls: /usr/local/bin/test.txt: No such file or directory
[EMAIL PROTECTED]:/home$ ./chris/test/arj x chris/test/test.arj
ARJ32 v 3.10
, user_priv and every column of 'mysql.user' apart from
'password', and 'select' their privs out manually. This may be
dangerous, so be careful.
Hope that helps... :o)
-chris.
Willem Koenings wrote:
hi,
I'm wondering how dangerous it is to allow a user on a
mysql db to view the grants
Thanks for posting this man, I saw these at comp usa the other day and
wondered if they could be made to work under linux, just haven't gotten
around to searching fot the info yet. Now I don't have to :)
chris
http://stageofbattle.org
On Monday 11 October 2004 2:29 pm, KF wrote:
The package
it removing one ../ from the filename I gave it, it
worked exactly as I expected.
-- Chris
--
Chris Umphres http://daga.dyndns.org/
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
to pick an alternate location
to extract to.
/me wonders about which version of arj/unarj doubles is talking about
I don't see a problem, but it would be interesting to see which
version doubles is refering to.
--
Chris Umphres http://daga.dyndns.org
with this.
I hope this gives you some ideas.
--
Chris White [EMAIL PROTECTED]
Sound | Video | Security
ChrisWhite @ irc.freenode.net
signature.asc
Description: OpenPGP digital signature
not have an administrator
password and the local login administrator/blank has been known
about for some time. The reseting the password message is indeed
not from IBM but in Microsoft XP itself. I just went to change my
administrator password and indeed I got this warning.
--
Chris Norton
UAT
to disable or change
the
Administrator name and password or to disable the account completely.
--
Chris Norton
UAT Student Software Engineering Network Defense
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure
MY POC!
[EMAIL PROTECTED] h4x0r $ echo bipin sucks hax
[EMAIL PROTECTED] h4x0r $ chmod -rwx hax
[EMAIL PROTECTED] h4x0r $ ls -alo hax
-- 1 chris 12 Aug 23 21:58 hax
[EMAIL PROTECTED] h4x0r $ cat hax
cat: hax: Permission denied
[EMAIL PROTECTED] h4x0r $ sudo cat hax
bipin sucks
[EMAIL
release information:
http://gallery.sourceforge.net/article.php?sid=134
-Chris Kelly
Gallery Project Manager
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
the upstream is patched).
Chris
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
For those interested a forum has been created at
http://isc.sans.org/xpsp2.php
The purpose of the forum is to share factual experiences with XP SP2 in an
effort to help others who may run into similar problems.
- Chris
-Original Message-
From: Gregory A. Gilliss [mailto:[EMAIL
That's hilarious! Are there a lot of null-pointer exceptions for
fully patched IE? (I'm fairly new to The List)
On Sun, 11 Jul 2004 09:28:34 +0200, Berend-Jan Wever
[EMAIL PROTECTED] wrote:
I just wrote a small poem in JScript:
SCRIPT language=javascript
MSIE = window.open; // for
RSnake wrote:
writeable, but the drives aren't removeable on CDs. That of course isn't true
if you have a USB drive, but I think part of the deal there is that you need to
install special drivers to even read USB CD drives.
...that's not true ;-)
Chris
--
Simplistix - Content Management, Zope
train your users in a single way no matter where they're working.
Chris
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Bypass
Severity: Low-Allows Users to bypass license restrictions
Exploitation: Editing .key file
Reported to Vendor: 20 April 04
Vulnerability Resolved: 16 June 04
Author: Chris Hurley, Assured Decisions LLC
e-mail: [EMAIL PROTECTED]
URL
Todd Burroughs [EMAIL PROTECTED] wrote:
They are planning to get into a market that gaurds against the failures
in their own product. I don't like this, as it seems that they are going
to be in a position to intentionally make holes that their anti-virus
software will fix. If we had a more
I hate to say this, but I don't think Microsoft software could be any
worse than Symantec...
Andre Ludwig [EMAIL PROTECTED] wrote:
Think the mafia refers to this as a protection racket...
man so much can be made of this its a techy comedy gold mine.
our software sucks so bad that the
I've just been told that it was a DoS. No details.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Niek Baakman
Sent: Tuesday, June 15, 2004 09:58
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] Akamai
Hi list,
akamai disappeared from
http://www.washingtonpost.com/wp-dyn/articles/A43635-2004Jun15.html
Need to register, but it's no hassle.
I'd mirror to my server, but copyright blah blah blah.
Anyone have any more info?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
james
When run remotely:
Line: 1
Char: 1
Error: Access is denied.
Code: 0
URL: http://62.131.86.111/security/idiots/repro/installer.htm
When run locally, software installation is blocked.
Using IE 6.0.2900.2096 SP2, WinXP SP2
I've gotta say that SP2 has some VERY nice protection builtin. On the
When run remotely:
Line: 1
Char: 1
Error: Access is denied.
Code: 0
URL: http://62.131.86.111/security/idiots/repro/installer.htm
When run locally, software installation is blocked.
Using IE 6.0.2900.2096 SP2, WinXP SP2
I've gotta say that SP2 has some VERY nice protection builtin. On the
: Jelmer [mailto:[EMAIL PROTECTED]
Sent: Sunday, June 06, 2004 22:17
To: Chris Carlson
Cc: [EMAIL PROTECTED]
Subject: RE: [Full-Disclosure] Internet explorer 6 execution
of arbitrary code (An analysis of the 180 Solutions Trojan)
I haven't installed SP2 yet since I heard a lot of complaints
is coming through, but getting deleted.
It requires Python, keeps an extensive log and has reasonably
good exception handling. It has been running stably for months now.
Hope this is useful.
Please reply off-list.
Best,
Chris Faigle
IS Security
University of Richmond
anyone shed some
light on the situation?
Chris
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
)
Blackthorn Systems (www.blackthornsystems.com)
Michigan Wireless (www.michiganwireless.org)
Good luck and have fun.
Chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAp9LROyWtx0MtxawRArlGAKCiACQXNpX2Bwna1bu7tKEPA+VhrgCgjGzf
0C9YTS5l6udYcNre/DkSqtw=
=ZVIh
-END PGP SIGNATURE
the vulnerability
before it was exploited. What the fuck else do we want? Bill Gates to
personally fly out and patch our systems for us?
Sorry for the rant guys...
Chris Locke
http://stageofbattle.org
On Fri, 2004-05-14 at 10:27, Radule Soskic wrote:
I can't post this to all the threads that I would like to, so
to that.
Chris
[1] I say close because it may be legally useful to say the network was
restricted if you need to sue a spammer or something.
smime.p7s
Description: S/MIME cryptographic signature
Don't feed the trolls
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
http://www.sysinternals.com/ntw2k/source/regmon.shtml
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Well, my opinion of this group just went down a few notches. As hard as it may be to believe, there are actually some people that want to use tools like this to safeguard their applications. Grow up.starwars [EMAIL PROTECTED] wrote:
Chris Sharp wrote: I've been trying for some time now to use
know of plenty. I just want something comparable to psexec that will
run on *nix.
- Chris
[1] http://www.sysinternals.com/ntw2k/freeware/psexec.shtml
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
exist. In that case, I'll go make
one. I'm just trying to save myself some time here.
-Original Message-
From: Michael Gargiullo [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 06, 2004 14:54
To: Harlan Carvey
Cc: Chris Carlson; [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] Psexec
execute a
command on the remote system.
I need this for unix.
Any more questions?
- Chris
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 06, 2004 15:50
To: Chris Carlson
Cc: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] Psexec on *NIX
It looks like everyone is successfully beating the shit out of the wrong
bush(es) here. Let's just end this. The tool I want does not exist, so
I'll go make it.
Thanks to those who gave relevant responses.
- Chris
___
Full-Disclosure - We believe
will not shell out the money
for a more sensible solution for software management such as SMS.
Again, if you don't like it, get over it.
- Chris
-Original Message-
From: Exibar [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 06, 2004 18:50
To: [EMAIL PROTECTED]
Subject: RE: [inbox] RE: [Full
can configure the .bad file. Currently I'm getting false-positive results for the user ID's and Passwords being used. Any help is appreciated.
Thanks,
Chris S.
Do you Yahoo!?Win a $20,000 Career Makeover at Yahoo! HotJobs
without appropriate patch, all crashed.
|-+--
| | Chris Scott |
| | [EMAIL PROTECTED]|
| | Sent by: |
| | [EMAIL PROTECTED
Heres my two cents :-/
Exploit code is better kept private.
Advisories should be public.
Why?
Because exploit code is not easy to write depending on the bug. And I
for one sure dont want some 'penetration tester' taking my code and
plugging it into his automated scanner and collecting the
Tested against Windows XP Pro without the appropriate patch, it crashes the
service and initiates a shutdown timer.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Tuesday, April 27, 2004 6:24 PM
Subject: [Full-Disclosure] LSASS
Consider also a hardware firewall that runs at Layer 2, this way you get the
filtering but you don't have to do any routing or NAT. These are the same as
transparent firewalls, as they do not have an IP address unless it is for
a management interface. I believe Netscreen currently has the ability
about the bug or where it came from except
that it has evaded all attempts of these users to be removed. Ad-Aware, the Cleaner
and other similar tools all fail. If you have any information about this, or can
direct me to a binary copy of the bug, please let me know. Thanks.
- Chris
º
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The new versions of NetStumbler and MiniStumbler have been released. They
are available for
download at http://www.stumbler.net
Thank you Marius for your hard work on NetStumbler and MiniStumbler.
Chris
-BEGIN PGP SIGNATURE-
Version: GnuPG
whatsoever, arising from or in connection with the
usage of information contained within this notice.
© 2004 Crown Copyright
Revision History
April 20, 2004: Initial release (1.0)
End of NISCC Vulnerability Advisory
--
Chris McCulloh
Secure Systems Architect
Sinetimore, LLC
e: [EMAIL
the strong end-to-end encryption already included in most
common services.
Chris
smime.p7s
Description: S/MIME cryptographic signature
.
Chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAfStwOyWtx0MtxawRAqOCAJ9W/sOzRFniJ+mA+KFYcxIzk42TYACfYfqb
+aSyKKcFN9I2k3i4a7GQrnw=
=3YlQ
-END PGP SIGNATURE-
___
Full-Disclosure - We believe in it.
Charter: http
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Nico Golde wrote:
Hallo chris,
i don't understand your problem.
i tried:
[EMAIL PROTECTED]:~] $ ls -al test
-rw-r--r--1 nico users 6 2004-04-08 11:46 test
[EMAIL PROTECTED]:~] $ testtest
[EMAIL PROTECTED]:~] $ ls -al test
-rw-r
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This also works with the 2.4.24 Linux kernel (Slackware 9.1):
[EMAIL PROTECTED]:~$ more testfile.txt
Let's try this in Linux
[EMAIL PROTECTED]:~$ ls -al testfile.txt
- -rw-r--r--1 chrisusers 24 Apr 7 12:43 testfile.txt
[EMAIL
chris writes:
This also works with the 2.4.24 Linux kernel (Slackware 9.1):
It's the shell, not the kernel. When you say ./foo ./foo, the shell
interprets ./foo FIRST and does something like open(foo, O_TRUNC |
O_CREAT).
Take a look at any Unix shell document and the open(2) man page
On Friday, March 26, 2004 1:22 PM, Mortis wrote:
My message was only intended as a morning chuckle. I thought
perhaps even Gadi would laugh at it (something is the
sincerest form of something or other). I'm sorry I have such
a rotten sense of humor. This list gets to ya once in a
.
They stressed that the hard-drives went as well, so
make sure backups were pretty frequent.
I don't know, mabey if the techs were actually from
Dell, they would be a bit more responsive...lol
Chris
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]Sent
reports out of Dell, depending who we talk to. The support
technicians have all said they have seen 3 or 4 of these failures each over the
past 6 months or so, but our account manager kind of glosses over the
problem.
Any feedback would
be appreciated.
thanks,
Chris
Cozad
IT Infrastructure
On Wednesday, March 10, 2004 9:44 AM, Steven Alexander wrote:
http://www.msnbc.msn.com/id/4460349/
The drugs and the crime fit neatly together; addicts strung
out on meth can stay awake and focused for days at a time,
making them expert hackers and mailbox thieves. And ID theft
is easy
resolution (search for
antisniff if you want a tool which does this) - other than that,
there's really no way to find a sniffer. Your best bet is to use strong
encryption so it no longer matters if someone is sniffing traffic.
Chris
smime.p7s
Description: S/MIME cryptographic signature
Gyrniff wrote:
As I recall the -L option (persistent listener) only works on the windows
port.
If you want it for Unix:
--- nc110/netcat.c 1996-03-20 16:38:04.0 -0800
+++ netcat.c2004-03-07 18:17:55.0 -0800
@@ -73,6 +73,7 @@
#include errno.h
#include signal.h
thought) happens when the virus
writers start sending attachments using that magic extension and include a
social-engineered message in the e-mail to rename this thing to a .exe and
execute it.?
cdv
Chris DeVoney
Clinical Research Center Informatics
University
at:
http://www.canada.com/vancouver/story.html?id=511952d3-89a0-4a03-a092-be29eaeb346f
Gadi Evron.
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
+--
| Chris Gundersen
Multiple issues with Mac OS X AFP client
Background
The standard Apple Filing Protocol[1] (AFP) does not use
encryption to protect transfered data. Login credentials may be sent
in cleartext or protected with one of several different hashed
exchanges or Kerberos[2]. There does not appear
-integrated and painless to
install before they're going to have a chance of getting it; that
critical mass is important both for making commercial developers care
about it and removing the confusion disincentive for using it.
Chris
smime.p7s
Description: S/MIME cryptographic signature
On Feb 27, 2004, at 9:24, Chris Adams wrote:
Multiple issues with Mac OS X AFP client
Vendor Response:
None
After some discussion with someone on Apple's product security team it
turns out that I was responsible for the lack of response - my original
notice went to Apple corporate security
by the MTA on delivery to recipients
(except perhaps the recipient who was listed in the BCC field, but I'm not
sure and will most likely vary between MTA).
I'm sure the SMTP RFC would probably help out on this.
Cheers,
Chris.
___
Full-Disclosure - We
.
-chris
--
Chris McCulloh
Secure Systems Architect
Sinetimore, LLC
e: [EMAIL PROTECTED]
t: 212.504.0288
f: 212.656.1469
w: http://www.sinetimore.com
a: 40 Broad Street, 4th Floor, New York, NY 10004, USA
key: http://www.sinetimore.com/chriskey.pub
: [ 9508 07E0 9E6C DD05 4419 40FA
Full doesn't necessarily mean immediate.
...ducks for cover...
-chris.
On Wed, 18 Feb 2004, Replugge[ROD] wrote:
Isn't this the full disclosure mailing list?
-Mensaje original-
De: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] En nombre de Paul Starzetz
Enviado el: Miércoles
Unfortunately, considering the date on the story is Friday, 27 October,
2000, 16:23 GMT 17:23 UK I would have to say no, it doesn't count as
confirmation.
Please do remember to check story dates before posting them.
-chris
On Thu, 12 Feb 2004 15:55:17 Gregory A. Gilliss
[EMAIL PROTECTED] said
On Wednesday, February 11, 2004 1:34 PM, Michael De La Cruz wrote:
I was doing a forensic examination on Microsoft's Virtual PC
2004 software, and came across some Microsoft pictures I
hadn't seen on an installed version of Windows 98 before. I
know this isn't much of an
Well, thats one way to drum up some free articles for your rag.
lol
Chris Cozad
Invocare Australia Pty Ltd
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of roberta
bragg
Sent: Thursday, 12 February 2004 1:21 PM
To: 'Cael Abal'; [EMAIL PROTECTED]
Cc: 'Keith
No dude they are very real. There was a post on /. a couple of weeks ago
about them.
Chris Locke
http://stageofbattle.org
On Tue, 2004-02-10 at 15:48, Georgi Guninski wrote:
http://www.microsoft.com/education/?ID=SecurityPosters
there are posters like Hackers Ahead, Internet Worm Crossing, Do
Hey Chris.
Hey Cesar.
First of all, your advisories are a bit wrong:
...Systems Affected: Oracle 9 prior to 9.2.0.3
Actually Systems affected are Oracle 9 prior to
9.2.0.4 (Patchset 3).
The date in Metalink site of the Patch that fixes
these vulnerabilities is January 2 and your
hey what do ya know it works :-/
(slack 9.1)
[EMAIL PROTECTED]:/HDB/mycode/ex$ ./ex_bof
Please enter the values as requested . . .
Enter the vulnerable program path: /usr/bin/gnuchess
Enter the vulnerable program name: gnuchess
Enter any arguments the program requires: -s
Enter an offset: 0
Enter
in.
Cheers,
Chris.
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
/printer/scanner that has persistent internal storage or is
network connected.
And for that matter, we're also setting up bridging firewalls on some of the
units that contain an actual PC inside to manage the scanning functions,
such as the Canon ImageRunner series.
cdv
Chris
Has anyone been following the thread on NTCanuck ref a DOS vulnerability
they have discovered using UDP? I have no further info than what is in this
thread:
http://ntcanuck.com/net/board/index.php?showtopic=175
But if all that they say is true.We could be busy!!
Chris Brown
Senior
-Original Message-
From: Chris Brown
Sent: 21 January 2004 18:57
To: Lee
Subject: RE: [Full-Disclosure] DOS all platforms
POC has been sent to CERT but they have yet to release it. I am not trying
to be clever but how does your Firewall connect to the Internet if not
through a router
KF wrote:
cached copy?
-KF
No sir:
And if I'd been there I'd known it. And I don't think Mozilla happens to
have an idle
auto-caching function for http://www.net-security.org out of the box?
Mozilla may not - but your ISP may.
I get the oingo list of directories.
Kind Regards,
Chris
over having nothing between Annie and the Internet.
--Chris
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Erik van
Straten
Sent: Thursday, January 15, 2004 7:55 AM
To: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] UTTER HORSESHIT: [was January 15
software.
I would still use AV software, but I am paranoid :) If you don't have AV
software how do you know you get 70 viruses form cracked Windows machines
daily?
Regards,
--Chris
smime.p7s
Description: S/MIME cryptographic signature
this? I'm thinking maybe the default whois server
that the whois program queries has been compromised? I'm not sure what the
default whois server is.
-Chris
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
on.
- Chris
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jason
Sent: Monday, December 22, 2003 22:24
To: Schmehl, Paul L
Cc: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] Removing ShKit Root Kit
OK, so how does the attacker get the ADS to run? If you open
On Saturday 20 December 2003 13:21, gazpa wrote:
But where are that weapons???
It's the size of the weapons so little, that are in a tobaco box into an
Iraki pocket
But you said that USA have that weapons what is the diference???
USA is the only country in the world that have used
the objdump on the ifconfig binary and im pretty sure theres a few
sockets calls in there that dont belong. So im sure it was rooted.
Chris
www.cr-secure.net
Alexander Schreiber wrote:
On Sun, Dec 21, 2003 at 07:28:55PM -0500, Chris wrote:
Can anyone reccomend some links or useful information
Can anyone reccomend some links or useful information for removing the
ShKit Rootkit. CHKROOTKIT detected this thing on a RedHat 8.0 server
owned by a client of mine.
Searching for ShKit rootkit default files and dirs... Possible ShKit
rootkit installed == chkrootkit output
I have only read
of course, CERT, like many federal sites realted to net sec
issues, NIPC, local infrgard chapters, the new homeland sec
dept, all will know after all the sources below have first
fed on the info and rumors for a week or too prior. So, if
CERT truely sucks, it sucks slowly...
CERT is
Hey Frederic
Maybe you should take a look at the IDS focus forum
http://seclists.org/lists/focus-ids/2003/Dec/index.html as there is a
thread on there extolling the virtues of Symantec's Manhunt, I use it
(amongst others) and it certainly does what it says on the tin, but can be
sensitive to
On Thursday, December 11, 2003 1:18 PM, [EMAIL PROTECTED] wrote:
On Thu, 11 Dec 2003 12:51:11 PST, Barrett, Rob
[EMAIL PROTECTED] said:
Question: Do you think finding a mentor in the field is a
good way to
go? I am primarily focusing on securing M$ OS's and their
communications.
a href=http://www.citibank.com;
onClick=location.href=unescape('http://[EMAIL PROTECTED]
om'); return false;Citibank/a will show http://www.citibank.com in the
status and location bar but direct them to wells fargo.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
At last the answer...
http://www.lurhq.com/sinit.html
Appears that the increase in DNS traffic is down to the Sinit P2P trojan.
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
behaviors) as mitigating circumstances when entering the sentence...
cdv
Chris DeVoney
Clinical Research Center Bioinformatics
University of Washington
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Paul Farrow
Sent: Friday, December 05, 2003 8:40 PM
On Friday 05 December 2003 18:11, Aaron Peterson wrote:
would an innovative mailing list administrator please create
[EMAIL PROTECTED] and force some of these bozos
over there?
Aaron
What, like you?
Seriously, how old are you? 10?
--
I believe the technical term is Oops!
On 29/11/03 12:30 -0800, Chris Adams wrote:
On Nov 29, 2003, at 2:47, Choe.Sung Cont. PACAF CSS/SCHP wrote:
Bill Royds wrote:
If you are truly interested in security, you won't use C as the
programming language.
You must be shitting me.. C does have its inherent flaws but that
doesn't
, it injects itself into the running process, not the
executable, so checking MD5 hash's would yeild nothing in this case.
APRE tool: http://www.megasecurity.org/trojans/a/apre/Apre1.0.html
Trojans for $$$ website: ?
www.evileyesoftware.com.
Kind Regards,
Chris Rose
On Wed, Nov 19, 2003 at 03:52:57PM -0500, Crispin Cowan wrote:
i think hey, obsd sucks, therefore i am.
--
Crispin Coward, Ph.D. http://immunix.com/~crispin/
^^
Just in case anyone was having doubts about the origin of that message.
-Chris
pgp0.pgp
1 - 100 of 170 matches
Mail list logo