Hi.
[EMAIL PROTECTED] wrote:
kindergarden! i think this is multy national!
Yes, it's an international kindergarden.
Will this bashing ever end?
Bye, Mike
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.ht
Faulty
> To: [EMAIL PROTECTED]
> Sent: Thursday, July 24, 2003 2:30 AM
> Subject: [Full-Disclosure] morning_wood should stop posting xss
> vulns in sites and fix his own site.
>
>
> morning_wood what is it with you and xss no one cares. Don't you
> think you s
On Sun, 2003-07-27 at 00:07, [EMAIL PROTECTED] wrote:
> > my site is my site, why are you telling me to "fix" it? I knew it's 404
> >has xss before any of you did.
> >Whats the big deal what my site has or hasnt... hmm? If you dont like my
> >stuff, dont read it,
> >my name is on every one of my p
> my site is my site, why are you telling me to "fix" it? I knew it's 404
>has xss before any of you did.
>Whats the big deal what my site has or hasnt... hmm? If you dont like my
>stuff, dont read it,
>my name is on every one of my posts.. every hear of filter? I dont read
>several advisories her
On Fri, 2003-07-25 at 15:38, morning_wood wrote:
> you are too narrow minded to even speak, broaden your horizons and
> accecpt all posibilities Ron. You are showing your ability to not
> comprehend the processes and theroetical possibilities... i feel way sorry
> for you.. go read more books Ro
you are too narrow minded to even speak, broaden your horizons and
accecpt all posibilities Ron. You are showing your ability to not
comprehend the processes and theroetical possibilities... i feel way sorry
for you.. go read more books Ron.. im sure you will learn even more crap
that keeps you
> [snip]
>
> >>Consider then the concept of a 'Honey Token'
> >>http://securityfocus.com/infocus/1713
> >>
> >>
> >
> >
> > Yet, the article states that these are more of a 'insider threat'
> > monitoring tool. Few if any honeytokens would probably ever be exposed to
> > the internet at large.
>
At 12:21 PM 7/25/03 -0400, Jason wrote:
tokens for account info in an extranet application, easily catches sql
injection, brute force attacks, intellectual property theft...
It's pretty common to use basically the same principle to track
junk mail address lists; i.e., use a variant of your name w
[snip]
Consider then the concept of a 'Honey Token'
http://securityfocus.com/infocus/1713
Yet, the article states that these are more of a 'insider threat'
monitoring tool. Few if any honeytokens would probably ever be exposed to
the internet at large.
Why not?
Example:
tokens for account in
> Yet, the article states that these are more of a 'insider threat'
> monitoring tool. Few if any honeytokens would probably ever be exposed
to
> the internet at large.
>
>
> Thanks,
>
> Ron DuFresne
Ron, you embarass yourself http://somehost.com/somepic.jpg>
<-- honeytoken
wood
__
> Point of order: To be a honeypot the vulnerability would have
> to be on a system that served no other purpose, despite what
> ISS would have you believe.
>
[SNIP]
>
> Consider then the concept of a 'Honey Token'
> http://securityfocus.com/infocus/1713
>
>
Yet, the article states tha
OK.. I'll bite are you saying:
A) Morning's website is useless?
or
B) Morning's entire website is all one sophisticated honeypot, and we all
fell for it?
or
C) ISS is more full of it than usual?
(Multiple answers possible :)
=
A. no
B. also no, only standard logging (
On Thu, 24 Jul 2003 12:33:20 PDT, "Altheide, Cory B." <[EMAIL PROTECTED]> said:
> Point of order: To be a honeypot the vulnerability would have
> to be on a system that served no other purpose, despite what
> ISS would have you believe.
OK.. I'll bite are you saying:
A) Morning's website i
From: Myers, Marvin [mailto:[EMAIL PROTECTED]
> > Sent: Thursday, July 24, 2003 11:44 AM
> > To: Jennifer Bradley; [EMAIL PROTECTED]
> > Subject: RE: Re: [Full-Disclosure] morning_wood should stop
> > posting xss
> >
> >
> > Jennifer,
> >Did
HA!
- Original Message -
From: "Altheide, Cory B." <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, July 24, 2003 12:33 PM
Subject: RE: Re: [Full-Disclosure] morning_wood should stop posting xss
> Point of order: To be a honeypot the vulnerability
TIA!
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jennifer
Bradley
Sent: Thursday, July 24, 2003 11:48 AM
To: [EMAIL PROTECTED]
Subject: Re: Re: [Full-Disclosure] morning_wood should stop posting xss
The whole point, you moron, is that you are tryi
From: Myers, Marvin [mailto:[EMAIL PROTECTED]
> > Sent: Thursday, July 24, 2003 11:44 AM
> > To: Jennifer Bradley; [EMAIL PROTECTED]
> > Subject: RE: Re: [Full-Disclosure] morning_wood should stop
> > posting xss
> >
> >
> > Jennifer,
> >Did you
Myers, Marvin wrote:
> Jennifer,
>Did you ever think that there is even the slightest possibility
> that the wood has done this on purpose? Have you never heard of a
> honey-pot. Some people in this world do have the ability to learn by
> observing others. So now I guess you are calling all of
chard
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jennifer
Bradley
Sent: Thursday, July 24, 2003 1:48 PM
To: [EMAIL PROTECTED]
Subject: Re: Re: [Full-Disclosure] morning_wood should stop posting xss
The whole point, you moron, is that you are trying to gain credib
t;
To: <[EMAIL PROTECTED]>
Sent: Thursday, July 24, 2003 10:47 AM
Subject: Re: Re: [Full-Disclosure] morning_wood should stop posting xss
> The whole point, you moron, is that you are trying to gain credibility
> as a security researcher. If your own web site has a so-called XSS
> s
ent checks.
-Original Message-
From: Jennifer Bradley [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 24, 2003 1:48 PM
To: [EMAIL PROTECTED]
Subject: Re: Re: [Full-Disclosure] morning_wood should stop posting xss
The whole point, you moron, is that you are trying to gain credibility
as
ike.. "all you do is lame xss" ??? a job... ROFL stfu .. kay
morning_wood
- Original Message -
From: Faulty
To: [EMAIL PROTECTED]
Sent: Thursday, July 24, 2003 2:30 AM
Subject: [Full-Disclosure] morning_wood should stop posting xss
vulns in sites and fix his ow
ou do is lame
xss" ??? a job... ROFL stfu .. kay
morning_wood
- Original Message -
From:
Faulty
To: [EMAIL PROTECTED]
Sent: Thursday, July 24, 2003 2:30
AM
Subject: [Full-Disclosure] morning_wood
should stop posting xss vulns in sites and fix his own
morning_wood what is it with you and xss no one cares. Don't you think you shoudl fix your own xss vulns in your site http://lists.netsys.com/pipermail/full-disclosure/2003-July/011565.html
before you accuse other people of being dumb for having the vulns. Mabee you want to fix your site but you ca
24 matches
Mail list logo