content, or flat out block it. There's certainly
room for improvement, but it's a start.
Here is the response from Trend, dated Jan 24th, 2005:
Dear Darren,
Here is the Official Statement from our Scan Engine Team.
1. Explanation of the vulnerability
This vulnerability arise because our products
, be it a TCP SYN-ACK, an ICMP
unreachable of some sort or just an ICMP echo reply, it will quite
happily find it's way to the internal host whom you spoofed for review.
Thanks,
Darren Bounds
Intrusense LLC.
--
Intrusense - Securing Business As Usual
On Jan 28, 2005, at 5:45 PM, cyberpixl wrote:
I've been
imbedded in HTML in this manner.
Thank you,
Darren Bounds
Intrusense, LLC.
--
Intrusense - Securing Business As Usual
On Jan 11, 2005, at 2:14 PM, Danny wrote:
On Mon, 10 Jan 2005 14:08:11 -0500, Darren Bounds
[EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Multi-vendor AV
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello,
I'm looking for security contact information for the following vendors:
- Sophos
- Trend
- McAfee
- Norman
- Norton
Any assistance would be greatly appreciated.
Thank you,
Darren Bounds
Intrusense, LLc.
-BEGIN PGP SIGNATURE
.
Contributions:
Thanks to Scott Roeder and Jacinto Rodriquez their assistance in
platform testing.
Thank you,
Darren Bounds
Intrusense, LLC.
http://www.intrusense.com
- --
Intrusense - Securing Business As Usual
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (Darwin
.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
I have never replied to anything on this list (I read it to keep up to date
on vulnerabilities, but im not really qualified to contribute anything) but
this particular message has peaked my interest.
1. Agreed, by using flaws in IE they then go on to subvert mirc into
spamming people.
2. They
If you can't find the tool on your own that can reset the local admin
account you need help. I carry it in floppy and cd form with me
incase I ever have a server I'm working on that no one knows the
passwords to.
Learn to use search engines before you start making yourself look silly.
On Thu,
Can you verify if you have any connections making it out to that
212.175.149.149 address? It appears to be a host located in Turkey.
I may have already pulled the whois info on this host from ripe.net
From looking at the contact info for the host is looks like possibly a
broadband provider in
a lot of sense.
I don't know if this is the real scope of the research being done, but
I'm pretty sure it's at a level deeper than the lets snoop/spy on traffic
and see who's doing what.
Darren
___
Full-Disclosure - We believe in it.
Charter: http
working.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
news? One would think you wouldn't first
hear about it through spam.
It is quite possible to hide processes, reg keys and files, and is often
done by various malware.
Are they capable of hiding from ps when using the posix shell from
Windows Services for Unix ?
Darren
a read of this:
http://www.crn.com/sections/breakingnews/breakingnews.jhtml?articleId=23905071
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
the gateway including local subnet
traffic. Easily subverted.
Thanks,
Darren Bounds, CISSP
443D 628D 0AC7 CACF 6085
C0E0 B2FC 534B 3D9E 69AF
- --
Intrusense - Securing Business As Usual
On Aug 5, 2004, at 11:15 PM, Dan Taylor, Jr. wrote:
I have encountered a few 802.11b public access points (I
I put it on
a web page, I got the usual half dozen alerts about do you want to run
javascript, etc. that even if I said yes to it didn't work.
Did you get that popup box when you tested your script below ?
Darren
In reply the discussion found at:
http://seclists.org/lists/fulldisclosure
In some mail from Gary E. Miller, sie said:
Hash: SHA1
Yo Darren!
On Thu, 15 Jul 2004, Darren Reed wrote:
Have you ever actually used format on Solaris to format a SCSI disk ?
Yes, many times.
...
If I have been simplifying things a bit much it is because I am
not sure how many
In some mail from Gary E. Miller, sie said:
On Wed, 14 Jul 2004, Darren Reed wrote:
Too bad the pc Unixes don't have a format command like Sun has had
for Solaris/SunOStells the hard drive to 'format' and then tests
with a number of test patterns.
You can not really force a low
Too bad the pc Unixes don't have a format command like Sun has had
for Solaris/SunOStells the hard drive to 'format' and then tests
with a number of test patterns.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com
could see
the CLSID.
Maybe it is because I've disabled the Hide extensions for known file types
in Explorer's View Folder Options ?
Did you try this ?
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure
In some mail from Barry Fitzgerald, sie said:
Darren Reed wrote:
A simple solution would be to add the shell protocol to this list.
Personally I think a secure blacklist is hard to maintain as new
dangerous external protocols could be invented by third-parties leaving
Mozilla vulnerable again
their new stuff inside the safe ones.
Kind of like how http is declared safe (but is it really??) and so
every man and their dog tunnels their proprietary stuff through that
because it'll go through firewalls.
Darren
___
Full-Disclosure - We believe
to nominate them as potential candidates for this ignomious
award.
Cheers,
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
In some mail from Gary E. Miller, sie said:
From: Darren Reed [EMAIL PROTECTED]
You gotta be more specific than FW-1. FW-1 can run over a large number
of OS. You can get FW-1 for WinNT, Solaris, Linux, BSD . Each has the
strengths and weaknesses of the underlying OS. Also FW-1 can
Mohit Muthanna wrote:
I'd suggest you read up on SNMP. And check out the following tools
(google them):
- net-snmp ( an SNMP agent )
- nagios ( very sophisticated network management tool )
- nmap ( good discovery tool )
- ntop ( traffic analysis, RMON agent, performance monitoring )
- sar ( system
I'm looking for a mailing list where security-related topics are
discussed, something filled with information on vulnerability threats
and discussion of those threats and their defenses.
Somebody said full-disclosure was such a list, but all I see is a lot of
rambling, unrelated bullshit.
In some mail from Paul Schmehl, sie said:
--On Wednesday, June 16, 2004 11:53:23 AM +1000 Darren Reed
[EMAIL PROTECTED] wrote:
This is a whole new play ground for organised crime, mostly thanks
to Microsoft. You've got millions of PC's around the world that
are largely, in one way
to be no offering of protection from attack
by others.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
,
Darren Bounds, CISSP
443D 628D 0AC7 CACF 6085
C0E0 B2FC 534B 3D9E 69AF
--
Intrusense - Securing Business As Usual
On May 29, 2004, at 7:03 AM, ph03n1x wrote:
Hello
I'm kinda new to this list and this is my first post so be nice to me
:)
Well I got an Intrusion Detection and Prevention System from
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I believe that's actually a new AGOBOT variant. As far as I know it
actually exploits the MS PCT vulnerability. It also modifies the HOSTS
file to redirect AV vendor addresses to localhost.
Thanks,
Darren Bounds, CISSP
443D 628D 0AC7 CACF 6085
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
http://www.ietf.org/internet-drafts/draft-ietf-tcpm-tcpsecure-00.txt
Darren Bounds, CISSP
443D 628D 0AC7 CACF 6085
C0E0 B2FC 534B 3D9E 69AF
- --
Intrusense - Securing Business As Usual
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (Darwin
.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
...
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
___
Full-Disclosure - We believe
Maybe they're referring to Windows NT having a heritage of core design
from people who worked on VMS (which does predate the Internet.)
In some mail from Ng, Kenneth (US), sie said:
What quantum universe is this guy coming from? I don't know the start of
the internet, but the date on the
bigger significance for IPv6 where ARP messages have been
replaced with ICMPv6 messages.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
that, it would be a seriously naughty thing to do but I can't
see that talking about doing it is O:-)
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
In some mail from Roy M. Silvernail, sie said:
On Sun, 2004-02-22 at 09:53, Darren Reed wrote:
Make sure there are no finger prints or hairs or dead body cells
in/on those CD cases, of course, from those who made them. If you
were evil you might try put evidence, in there, that points
RE: the signature on this email.
... additionally, GFI MailSecurity creates a huge spam attachment at
the bottom of every message. :)
-Darren
On Mon, 2004-02-09 at 00:24, David Farinic wrote:
martin f krafft [EMAIL PROTECTED] wrote:
In Germany, and maybe in other parts of the world, some
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I think Dan Morrill came pretty close to hitting it on the head. However,
I don't believe passion is enough. I've known a number of security professionals
who loved what they did but lacked the intelligence and therefore understanding
to do anything
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The only difference between a 'script kiddie' and 90% of the 'security
experts' out there are the tools they use.
They're both clueless but at least the 'script kiddie' didn't spend $5000
on ISS Hackcamp to learn his techniques.
-BEGIN PGP
, it'd be supporting building a
kernel module without requiring /usr/src/linux to be present...but I
can hear the screams already telling me why that's such a bad idea :)
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full
In some mail from Jeremiah Cornelius, sie said:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wednesday 28 January 2004 17:59, Darren Reed wrote:
Now if someone wanted
a *real* 2.7 feature to add to linux, it'd be supporting building a
kernel module without requiring /usr/src/linux
Jonathan-
I will officially rename 'Forgate' to '4g8' later this evening.
Good luck with Fortinet Inc. and 'Fortigate' for that matter.
Regards,
Darren Bounds, CISSP
Intrusense LLC.
http://www.intrusense.com
--
Intrusense - Securing Business As Usual
On Jan 26, 2004, at 4:02 PM, Jonathan
on FreeBSD, and Linux.
Regards,
Darren Bounds, CISSP
Intrusense LLC.
http://www.intrusense.com
- --
Intrusense - Securing Business As Usual
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (Darwin)
iD8DBQFAEW5LsvxTSz2eaa8RArOKAJ9hUaiwVdZkzpOsCd5KwIn3Z1QZ6wCfVN5u
nwBDbw8lO9xixcK3H1J+0uc=
=pfQ
Hi Max,
This version offers no additional functionality (in fact it's quite
lacking by comparison) but forth coming versions will... :)
Darren Bounds, CISSP
Intrusense LLC.
http://www.intrusense.com
--
Intrusense - Securing Business As Usual
On Jan 23, 2004, at 4:32 PM, Max Valdez wrote:
What
To put my comments in perspective, I immersed myself in postscript at a
time when level 2 was new and there it not really documented.
In some mail from Michael Zimmermann, sie said:
At Freitag, 23. Januar 2004 06:01 Darren Reed wrote:
First, remember that postscript has been designed
? Was is a misconfiguration on my part?
-Darren
--
---
Darren Bennett - CISSP
Sr. Systems Administrator/Manager
Science Applications International Corporation
Advanced Systems Development and Integration
Bill,
In windows 2k pro it is even 538. Are you talking about win 2k server
only? In either case, logout events in win2k pro are broken. If anyone
has a fix, I'd be happy to hear about it.
-Darren
On Mon, 2003-11-10 at 16:44, Bill Royds wrote:
The logout even is event number
Microsoft that is supposed to fix this and the patch didn't
work. Anyone else seen this behavior? Any suggestions on how I could
record logout events without relying on MS?
-Thanks,
Darren
---
Darren Bennett - CISSP
Sr. Systems
--
---
Darren Bennett - CISSP
Sr. Systems Administrator/Manager
Science Applications International Corporation
Advanced Systems Development and Integration
---
___
Full-Disclosure - We
as it is today and as such is at a considerable
disadvantage in many ways to more modern mail software programs such as
Exchange or postfix or qmail when compared in this manner.
Darren
___
Full-Disclosure - We believe in it.
Charter: http
Verified.
I was successful in changing the password of current user (myself) with
an open terminal in focus on the desktop.
Darren Bounds
Intrusense LLC.
http://www.intrusense.com
--
Intrusense - Securing Business As Usual
Date: Tue, 28 Oct 2003 17:46:41 +0100
From: kang [EMAIL PROTECTED
a personal attack. It's more general disbelief
about what you said. If you take that as a person attack, then that's
your problem. If you get them too often in your inbox directed at
yourself, or feel like you do, maybe you should think about what that
means.
Darren
-Original Message-
From
analogies and just exlpain whatever it is in 'native' terms.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
2003
Microsoft Windows Server 2003 64-bit Edition
Further details:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security
/bulletin/MS03-043.asp
--
Darren Bounds
nformation Security Services
Intrusense LLC.
http://www.intrusense.com
--
Intrusense - Securing Business
copy-protection
technology.
--
---
Darren Bennett - CISSP
Sr. Systems Administrator/Manager
Science Applications International Corporation
Advanced Systems Development and Integration
://www.rubberhose.org
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
,
Darren Bounds
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
My advice to anyone who gets bounce backs from posting to bugtraq is
to save and forward all bounces to the admin contact for the list.
I usually get a thank you, they'll be promptly unsubscribed in
response.
Darren
___
Full-Disclosure - We believe
- the world's most perfect
software.
And I'm sure this will manage to be another remote exploit that
the OpenBSD team will find a way to not count on their front page.
Cheers,
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com
today. Others don't and I'm sure there are examples and
counter examples to prove either side. My only advice is try not to
take criticism of it personally.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure
In some mail from petard, sie said:
On Wed, Sep 17, 2003 at 02:41:16AM +1000, Darren Reed wrote:
DR: In some mail from [EMAIL PROTECTED], sie said:
[Offtopic] Really, must we politicise everything?! It is
more informative and equally gender-neutral to state:
On timestamp, sender's name
vulnerability such as this finally
be made public.
What's news here? I mean setting -S 2 for sadmind (if sadmind is
required) has been on the tighten up list (for me at least) for just
as long.
Darren
___
Full-Disclosure - We believe in it.
Charter: http
, I like it :)
My $0.02 worth :)
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
of incorrect id tag'ing
as it'll show up as more than 1 item as it goes through the checkout
counter in the store.
But unless ID tags can be fab'd on the spot by sales staff as they
wrap up the half dozen pieces of fish you've just asked for, barcodes
are going to be around for a while yet.
Darren
an angle for his
argument about how this protects children and/or combats
terrorism.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
In some mail from [EMAIL PROTECTED], sie said:
[...]
That's 30 hours I'm not spending helping do network performance tuning
[...]
You know, I read through that list and saw numerous things that you
shouldn't have to do, besides clean up from worms and viruses.
If you feel you are so short on
$200. Go directly to jail (or at least
pay some fines).
Darren
From: morning_wood [EMAIL PROTECTED]
To: Charles Ballowe [EMAIL PROTECTED],
[EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] Authorities eye MSBlaster suspect
Date: Fri, 29 Aug 2003 09:18:48 -0700
if the worm was active
In some mail from Jeremiah Cornelius, sie said:
Darren Reed wrote:
I, for one, would not cry if the law made it impossible to sell or
provide GPL'd software to people because it could not be provieded
with a disclaimer.
Sooner or later the software industry needs to grow up and take
, that is.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
week. How many do
your customers get?
A small fraction of it is from anti-virus products. I don't reply to
any of it and nobody gets it from me. As soon as I've marked a couple
of hundred for deletion, more have already arrived.
Darren
p.s. If you doubt the numbers I'll happily save a sample
of cases, they may have slightly less chance.
Remember, it takes much less effort to turn a rowboat than it takes to turn
an aircraft carrier.
Thanks,
Darren Bounds
Security Consultant
Information Security Services
Intrusense LLC.
--
Intrusense - Securing Business As Usual
From
properly isolate failures that cause further problems
(overload.)
Want to find a root cause? Probably one too many air conditioners
being turned on to deal with the heat.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full
Yes, the five 9's of reliability that MS talks about is more like
.9 of the time than 99.999%. Another possibility is that some things
WERE on MS and while not connected to the internet directly, were
infected via a laptop or other internal system.
-Darren
On Fri, 2003-08-15 at 12:40
for was for you stop being so melodramatic and start
posting with something other your usual tiresome blabberings about how
RPC DCOM vulnerabilties or XSS cookie theft from ACME-Bed-n-Breakfast.com
will be the end of us all.
Have a nice weekend,
Darren
PS: I hope you enjoyed your summer vacation
I don't know if this covers what's already been said about DCOM worms...
Forwarded message:
From [EMAIL PROTECTED] Tue Aug 12 08:42:31 2003
Message-Id: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
From: X-Force [EMAIL PROTECTED]
Subject: ISS Security Brief: MS Blast MSRPC DCOM Worm Propagation
guess we would all need to move to a better platform
or a different job :)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Joey
Sent: Tuesday, 12 August 2003 9:36 p.m.
To: Darren Reed; Andrew J Homan
Cc: [EMAIL PROTECTED]
Subject: Re
PROTECTED] and destroy all
electronic and paper copies of this e-mail.
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
--
---
Darren Bennett
CISSP
in Australia, it'll be 7:01am in Seattle on Friday the
15th...
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
I've seen some people referring to MSBLASTER as LOVESAN and POZA as
all being the same thing.
Does this make sense to anyone else ?
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
In some mail from cstone, sie said:
On Wed, Aug 13, 2003 at 10:10:20AM +1000, Darren Reed wrote:
I've seen some people referring to MSBLASTER as LOVESAN and POZA as
all being the same thing.
Does this make sense to anyone else ?
yes. everyone picks their own name -- this happens
targetted by this worm. They're a
large, rich, monopoly of a company. Do they really deserve any
nice sympathy at all ? I suspect I'm not alone in these feelings.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full
. If you (or anyone
else) wants to know more, go get some lessons from a 'big 5' auditing
company or similar.
Maybe you should give your modem to your mommy, go back to your room
and ask your mommy to let you out when you can show the world you've
got more to offer than just petty insults.
Darren
the
requisite bootup files immutable to prevent trojan'ing and that
can make things harder to administer than it is worth the effort.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
for a little
more detail.
RPC IS DEVASTATING? That's the best I've heard yet. :)
Have a nice day and I look forward to your next XSS vul,
Darren
PS. You speak English very well considering it's obviously not your native
tongue.
- - Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL
evaluation of the two lists is tending towards bugtraq
being irrelevant, these days as it becomes more of a vendor-announce list
(especially for Linux) than a useful forum to particpate in.
Cheers,
Darren
___
Full-Disclosure - We believe in it.
Charter: http
in
comparison) Would it cost more? Maybe, but doubtful. The cost of
DOS/Hacks/downtime coupled with cheaper but incompetent admins is very
very high as well.
-Darren
On Tue, 2003-07-29 at 13:51, Ron DuFresne wrote:
On Tue, 29 Jul 2003 [EMAIL PROTECTED] wrote:
On Tue, 29 Jul 2003 13:14:49
...
--
---
Darren Bennett
CISSP, Certified Unix Admin., MCSE, MCSA, MCP +I
Sr. Systems Administrator/Manager
Science Applications International Corporation
Advanced Systems Development and Integration
---
___
Full
This link is to a more technical document on the windows password
flaws...
http://lasecwww.epfl.ch/pub/lasec/doc/Oech03.pdf
--
---
Darren Bennett
CISSP, Certified Unix Admin., MCSE, MCSA, MCP +I
Sr. Systems Administrator/Manager
Science Applications
Here is a yahoo story on the same problem... Others seem to think that
it is indeed a problem (and one that ONLY affects Windows).
http://story.news.yahoo.com/news?tmpl=storycid=620ncid=620e=1u=/nf/20030723/bs_nf/21952On
-Darren
Wed, 2003-07-23 at 13:24, 3APA3A wrote:
Dear
no idea). As Dallas said in her response, while upgrading may
seem like a good idea (to exchange 2k+), we too will be using outlook
2003 before upgrading exchange (exchange upgrades in large corporate
environments are a nighmare..)
-Darren
On Mon, 2003-07-21 at 20:45, Jason wrote
.
The only current workaround for this issue is to not use Outlook 2003.
Anyone else seen this behavior?
--
---
Darren Bennett
CISSP, Certified Unix Admin., MCSE, MCSA, MCP +I
Sr. Systems Administrator/Manager
Science Applications International
the necessary traffic
types:
packit -t RAWIP -V 53 -d dst_ip -T ttl
packit -t RAWIP -V 55 -d dst_ip -T ttl
packit -t RAWIP -V 77 -d dst_ip -T ttl
packit -t RAWIP -V 103 -d dst_ip -T ttl
Please use it wisely.
Thanks,
--
Darren Bounds
Security Consultant
Information Security Services
Intrusense Inc
...
donnie
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
--
---
Darren Bennett
CISSP, Certified Unix Admin., MCSE, MCSA, MCP +I
Sr. Systems
.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Why do people continue trying to argue the meaning of hacker ?
That 'battle' was lost over 10 years ago.
Get over it.
A hacker, today, is someone who participates in acts relating to
illegal activity with computers, be it phreaking or just cracking.
The english language evolves and this is
citizens.
Get smart about what you're doing. Well, first I suppose you need to
grow up and mature, then maybe, with time, you'll understand and be
able to be smart rather than stupid about what you do to achieve the
correct goals.
oh and darren, no i wasn't joking about encouraging the young hacker
just anyone can do it or,
rather, that just anyone is expected to do it (e.g Microsoft
Windows 2000 and later for home.)
Just to leave you with an end teaser, consider what it would
mean if software sold could not disclaim fitness for purpose.
Darren
permission concepts beyond read-only/archive bits.
NTFS (NT4, W2K, XP, ...) supports file ownership by users as well as
read/write/execute bits. This is something that many *nix advocates
are blissuflly unaware of. It's also not often used properly.
Darren
.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
server passwords.
Darren
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
1 - 100 of 105 matches
Mail list logo