Re: [Full-Disclosure] (no subject)

It's a new variant of the BAGLE worm. Most vendors dont have definition files still. On Mon, 9 Aug 2004 13:03:54 -0600, Jonathan Grotegut <[EMAIL PROTECTED]> wrote: > (In regards to new_price.zip file attachment) > > Anyone have any idea what this is, we had some clients just get pretty > hard w

Re: [Full-Disclosure] (no subject)

this Symantec Rapid Release beta will catch it for NAV users, until they roll-out the next official .def file: On Mon, 9 Aug 2004 14:32:14 -0500, Todd Towles <[EMAIL PROTECTED]> wrot

Re: [Full-Disclosure] found suspicious desktop.ini in startup folders

This typically contains information on directory view customizations, but can also contain some CLSID trickery for special folders, like Favorites. On Tue, 24 Aug 2004 09:55:59 -0500, Andrew <[EMAIL PROTECTED]> wrote: > I actually switched to a OS X PDC and had the same problem when > establishin

Re: [Full-Disclosure] win2kup2date.exe ?

My what a lovely tea party... I had no idea that this is such professional list that I have joined. I'm no old fart, but I feel like I'm in grade school all over again. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-discl

Re: [Full-Disclosure] AV companies better hire good lawyers soon.

I disagree. Programmer's should know to submit their code to the various AV companies in order to avoid false-positives. On Mon, 13 Sep 2004 12:12:35 +0200 (CEST), Feher Tamas <[EMAIL PROTECTED]> wrote: > Analysts urge McAfee to settle out of court on false alarm damages > claim. > > http://new

Re: [Full-Disclosure] AV companies better hire good lawyers soon.

with so-called false-positives on a daily basis without a loss of functionality or ability. On Tue, 14 Sep 2004 09:25:52 +0200, Florian Weimer <[EMAIL PROTECTED]> wrote: > * Micheal Espinola, Jr.: > > > I disagree. Programmer's should know to submit their code to the

Re: [Full-Disclosure] Senior M$ member says stop using passwords completely!

That much is obvious. Read the the full article, do a little background research and get back to us when you reach a more sensible conclusion. Reactionary conclusions based on obvious article 'skimming' make it apparent you didn't do your homework before posting. FWIW I have used "rainbow" table

Re: [Full-Disclosure] House approves spyware legislation

I don't see how this is a law against "hacking", when it is directed at intentional misrepresentation and system modifications of an unsuspecting end-users system. If you want to be a hacking purist, spyware has nothing to do with "hacking". Any laws at this point will help because it will give c

Re: [Full-Disclosure] House approves spyware legislation

Yes, clearly laws don't always work and people find loopholes. So instead of making new ones to compensate, lets just stop. Great idea. I'm surprised that the law enforcement community has not come to this conclusion. ...And don't both discussing the appropriate changes to make to existing flaw

Re: [Full-Disclosure] Hacking into private files, my credit card purchases, personal correspondence or anything that is mine is trespassing and criminal.

I beg to differ. This is not public domain. This is something we all pay for and have a vested interest in. The days of the 'wild west' are over. There is a new sheriff in town. Because of stupid script kiddies and black hat assholes, things are going to change whether you like it or not - whe

Re: [Full-Disclosure] RE: [Full-Disclosure]Open the doors to hell hire a hicker Full-Disclosure Posts

Yea, but the l0pht was never an exploit group. They were the most true hackers I have ever personally known. But it should also be considered that way back then, the youngest member was in his teens, while the rest were significantly older than him. Now, that youngest member (Kingpin) should be

Re: [Full-Disclosure] Re: Web browsers - a mini-farce

Just out of curiosity, can you you refer to anything in a professional manner - or must you always use demeaning word-play against anything you don't like? Also out of curiosity, when do you hit puberty? Perhaps some of us can rejoin the list when you have matured. On Tue, 19 Oct 2004 23:17:16

Re: [Full-Disclosure] Re: Web browsers - a mini-farce

es peers takes place here. This is probably a worthless rant, but regardless of any technical skill at exploiting code that Georgi might have - he comes off as being incredibly immature. On Wed, 20 Oct 2004 00:31:00 +0200, Rainer Duffner <[EMAIL PROTECTED]> wrote: > Am Di, den 19.

Re: [Full-Disclosure] Re: Web browsers - a mini-farce

I know he does, and I respect him for that. In fact, I held him in a much higher ideal of respect until I joined this list. Now he just seems like so many other anti-MS turd evangelists. FD is one thing, but the constant and incessant rantings diminish his reputation as well as any legitimate me

Re: [Full-Disclosure] Windows Time Synchronization - Best Practices

You can certainly have multiple time servers specified with Windows Time Service (SNTP). RTM. It has the ability to failover through a list. If you need the full features of NTP, by all means use a third party daemon. However, in keeping my routers, RADIUS, and Kerberos sync'd properly - I hav

Re: [Full-Disclosure] [off-topic] Gmail won't be 100% free

Why would/should forwarding (for gmail) be free? If you are forwarding the mail, then Google gets no way to incorporate "Sponsored Links". I'd rather have the "Sponsored Links" on the page were they are right now (at the bottom), then ads embedded into the message itself. On Mon, 15 Nov 2004 15

Re: [Full-Disclosure] MSIE src&name property disclosure

Not to be a smart-ass, but - sales reps typically dont know techinical details, nor should they. Got link/more info/etc as to what you are referring to? On Mon, 15 Nov 2004 15:37:42 -0500, Dave Aitel <[EMAIL PROTECTED]> wrote: > > > That's a good question for your Microsoft sales rep. If you w

Re: [Full-Disclosure] Gmail anomaly

Yep, something is awry with Firefox's cookie management. it pisses me off. I disconnect from a site (close the browser), but the next time I open FF, all my cookies are acting as if they are still live. The Maxthon add-on for IE does the same thing Its annoying as hell when you are testing web

Re: [Full-Disclosure] Gmail anomaly

it (back with FireFox 0.9.x) > > Check it out here: > - http://mozdev.sweetooth.org/cookieculler/ > > HTH. It certainly did the trick for me. > > -- > Peace. ~G > > On Fri, 19 Nov 2004 00:10:33 -0500, Micheal Espinola Jr > > > <[EMAIL PROTECTED]&

Re: [Full-Disclosure] Why is IRC still around?

An excellent question. On Fri, 19 Nov 2004 12:40:26 -0500, Danny <[EMAIL PROTECTED]> wrote: > Well, it sure does help the anti-virus (anti-malware) and security > consulting business, but besides that... is it not safe to say that: > > 1) A hell of a lot of viruses/worms/trojans use IRC to wreck

Re: [Full-Disclosure] Why is IRC still around?

Is IRC bad? Yes. Is SMTP bad? Yes. Why? Because they are simple and basic protocol implementations created decades ago. Not that they aren't efficient and easy, but they certainly have their shortcomings in terms of security and AAA. Yes, people can certainly switch to other mediums which wi

Re: joe the "expert" (was Re: [Full-Disclosure] IE is just as safe as FireFox )

Neither viewpoint is 100%. But, over-all I would have to agree with joe. MCSE's (in my experience) are typically not worth the credit [automatically] applied to them - not unless they have the experience to back it. That is of course true for any certification in any industry. MCSE's are easy t

[Full-Disclosure] Lavasoft Ad-Watch SE fails to detect registry deletion

Lavasoft Ad-Watch SE 1.05 fails to detect registry key deletions when the value is null. Not the end of the world, but not a thorough manner of detecting registry changes either. -- ME2 ___ Full-Disclosure - We belie

Re: [Full-Disclosure] I thought Microsoft were releasing new security patches today (11 Jan 2005)?

Nope, its the typically the 2nd Tuesday of the month. Also, they are PST. Myself being EST, I dont expect to see anything until mid-afternoon. MS did pre-announce that there would be a release today. You can verify this on the web site. On Tue, 11 Jan 2005 17:11:17 +0100, Vincent Archer <[EMAI

Re: [Full-Disclosure] MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER

He's referring to Windows Explorer (the Windows GUI interface, C:\WINDOWS\explorer.exe). It is a joke. On Wed, 12 Jan 2005 01:48:29 -0500, Kevin Reiter <[EMAIL PROTECTED]> wrote: > > > : Windows Explorer is an advanced browsing tool made by Microsoft. It is used > : in daily tasks to open fold

[Full-Disclosure] Steam looses its power

At approx. 7PM EST, Steam - the network that powers Valve gaming applications (such as Half-Life 2 and Counter-Strike:Source) - officially lost power. All users/servers simulatenously lost connectivity, and none were available for re-entry - save (1) Half-Life 2 server, WHITE_WIDOW_[S2]. Anyone k

Re: [Full-Disclosure] OT: Tool for sanitizing MS office documents?

Remove Hidden Data Tool 1.1. It's is a free tool from MS, and works on on Office XP and 2003 On Mon, 31 Jan 2005 09:32:13 -0500, David Gianndrea <[EMAIL PROTECTED]> wrote: > I thought I saw s

Re: [Full-Disclosure] A parent's primer to computer slang

Who cares. Its high-level for parents. Why would you expect any of this to be absolutely current or accurate? I would compare talking to most parents similar to talking to PHB's. Is there something here to be disclosed about MS trying to provide information to parents so they at least have some

RE: [Full-Disclosure] IDS Signatures

Thanks for the attachment spam.   -- ME2   my home: my photos:   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of preeth kSent: Tuesday, February 22, 2005 4:36 AMTo: full-disclosure@lists.netsys.comSubject: [Full-Di

Re: [Full-Disclosure] Please help me update my address book on Ringo

This is most likely an address retreiving spam. On Thu, 24 Feb 2005 00:51:00 -0600 (CST), J.A. Terranson <[EMAIL PROTECTED]> wrote: > > On Thu, 23 Feb 2005, Ahmad Naazir wrote: > > > Hi > > > > I'm updating my address book. Please click on the link below and enter > > your contact info for me

Re: [Full-Disclosure] client - server

A MAC address can be queried on a windows box via the registry - if you have access. This can be done with [null] sessions and netbios. So, depending on security, connectivity, access permissions, etc - it may be possible to obtain this information. On Mon, 28 Feb 2005 11:18:49 -0500, Michael H

Re: [Full-Disclosure] client - server

What is the game? Perhaps they are blocking you by an internal User/Player ID number. I know that's how "effective" blocking is done in CounterStrike:Source. On Mon, 28 Feb 2005 17:49:01 +0100, Matteo Giannone <[EMAIL PROTECTED]> wrote: > It is impossible that they banned a block of addresses o