The Router Hacking Challenge is Over! (fwd)

2008-03-01 Thread Gadi Evron
For those interested. -- Forwarded message -- Date: Sat, 1 Mar 2008 22:08:29 + From: Petko D. Petkov <[EMAIL PROTECTED]> To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: The Router Hacking Challenge is Over! http://www.gnucitizen.org/projects/router-hacking-challenge/ The

cacti -- Multiple security vulnerabilities have been discovered (fwd)

2008-02-13 Thread Gadi Evron
I'm an MRTG guy, but many aren't. -- Forwarded message -- Date: Tue, 12 Feb 2008 14:42:01 -0200 From: Mario Sergio Candian <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: cacti -- Multiple security vulnerabilities have been discovered Affected packages: cacti < 0.8.7b Mult

network reputation [was: IP is...]

2008-01-23 Thread Gadi Evron
On Thu, 24 Jan 2008, Fred Baker wrote: I still think IP+timestamp doesn't imply what person did something it doesn't, no any more than the association of your cell phone with a cell tower conclusively implies that the owner of a telephone used it to do something in particular. However, in fo

Re: (broadband routers) PC World: Flash Attack Could Take Over Your Router

2008-01-17 Thread Gadi Evron
On Thu, 17 Jan 2008, Sean Donelan wrote: On Wed, 16 Jan 2008, Gadi Evron wrote: Yes, I still believe these ISP distributed machines called broadband routers are a network operators issue. But not all may agree on that. What specifications can consumer electronics stores and ISPs include in

(broadband routers) PC World: Flash Attack Could Take Over Your Router

2008-01-16 Thread Gadi Evron
Props to Jeff Chan who I saw it from. Yes, I still believe these ISP distributed machines called broadband routers are a network operators issue. But not all may agree on that. -- http://news.yahoo.com/s/pcworld/20080116/tc_pcworld/141399 Flash Attack Could Take Over Your Router Robert

Re: Network Operator Groups Outside the US

2008-01-16 Thread Gadi Evron
On Wed, 16 Jan 2008, Simon Lockhart wrote: On Wed Jan 16, 2008 at 12:09:48PM -, Rod Beck wrote: 6. I am not aware of any Dutch per se ISP conferences although that market is certainly quite vibrant. I am also disappointed to see the Canadians and Irish have next to nothing despite Ireland

Re: [dns-operations] Web Proxy Auto-Discovery (WPAD) Information Disclosure (fwd)

2007-12-04 Thread Gadi Evron
I was told I should care about smaller entities than ccTLDs on this, so here is a forward to NANOG of a discussion on DNS-operations. -- Forwarded message -- Date: Tue, 4 Dec 2007 00:56:51 -0600 (CST) From: Gadi Evron <[EMAIL PROTECTED]> To: Rickard Dahlstrand

Re: Book on Network Architecture and Design

2007-12-03 Thread Gadi Evron
On Mon, 3 Dec 2007, John Kristoff wrote: On Mon, 03 Dec 2007 15:16:47 -0200 "MARLON BORBA" <[EMAIL PROTECTED]> wrote: I am in search of a good book about Network Architecture and Design, with emphasis in Quality of Service and convergent networks, to be used as a reference. Could you please i

Re: Can P2P applications learn to play fair on networks?

2007-10-22 Thread Gadi Evron
Hey Rich. We discussed the technology before but the actual mental click here is important -- thank you. BTW, I *think* it was Randy Bush who said "today's leechers are tomorrow's cachers". His quote was longer but I can't remember it. Gadi. On Mon, 22 Oct 2007, Rich Groves wrote

Re: How to Handle ISPs Who Turn a Blind Eye to Criminal Activity?

2007-10-12 Thread Gadi Evron
On Fri, 12 Oct 2007, Paul Ferguson wrote: So, back to my original question: If you alert an ISP that "bad and possibly criminal" activity is taking place by one of their customer, and they do not take corrective action (even after a year), what do you do? That's a different question all toge

Re: Researchers ping through first full 'Internet census' in 25 years

2007-10-12 Thread Gadi Evron
On Fri, 12 Oct 2007, Leigh Porter wrote: You are more likely to get 5000 zonealarm emails Or a place on dshield's top 10. Justin M. Streiner wrote: On Fri, 12 Oct 2007, Chris Owen wrote: You can't consider every wacko on the net when doing something like this. Anyone who consider

[funsec] The "Great IPv6 experiment" (fwd)

2007-09-04 Thread Gadi Evron
I am unsure what to say. -- Forwarded message -- Date: Tue, 04 Sep 2007 11:14:34 +0200 From: Lubomir Kundrak <[EMAIL PROTECTED]> To: funsec <[EMAIL PROTECTED]> Subject: [funsec] The "Great IPv6 experiment" This is kind of... interesting. [snip] We're taking 10 gigabytes of th

Community input/questions for ISOI 3?

2007-08-25 Thread Gadi Evron
Hi, like last time, we are looking for community input and questions for the Internet security operations community, to be discussed during ISOI 3. ISOI is happening this Monday and Tuesday, we will likely compile the responses in a few weeks. We will reply to people personally on issues wh

Re: Interesting new dns failures

2007-05-22 Thread Gadi Evron
On Tue, 22 May 2007, David Ulevitch wrote: > > These questions, and more (but I'm biased to DNS), can be solved at the > edge for those who want them. It's decentralized there. It's done the > right way there. It's also doable in a safe and fail-open kind of way. > > This is what I'm tal

Re: Interesting new dns failures

2007-05-22 Thread Gadi Evron
On Tue, 22 May 2007, David Ulevitch wrote: > Gadi Evron wrote: > > On Mon, 21 May 2007, Chris L. Morrow wrote: > >> ok, so 'today' you can't think of a reason (nor can I really easily) but > >> it's not clear that this may remain the case tomorr

Re: Interesting new dns failures

2007-05-22 Thread Gadi Evron
On 22 May 2007, Paul Vixie wrote: > > apropos of this... > > > >>As to NS fastflux, I think you are right. But it may also be an issue of > > >>policy. Is there a reason today to allow any domain to change NSs > > >>constantly? > > ...i just now saw the following on comp.protocols.dns.bind ("bi

Re: Interesting new dns failures

2007-05-21 Thread Gadi Evron
On Mon, 21 May 2007, Chris L. Morrow wrote: > On Mon, 21 May 2007, Gadi Evron wrote: > > > As to NS fastflux, I think you are right. But it may also be an issue of > > policy. Is there a reason today to allow any domain to change NSs > > constantly? > > well, so

Re: Interesting new dns failures

2007-05-21 Thread Gadi Evron
On Mon, 21 May 2007, Chris L. Morrow wrote: > ok, so 'today' you can't think of a reason (nor can I really easily) but > it's not clear that this may remain the case tomorrow. It's possible that > as a way to 'better loadshare' traffic akamai (just to make an example) > could start doing this as w

Re: Interesting new dns failures

2007-05-21 Thread Gadi Evron
On Mon, 21 May 2007, Chris L. Morrow wrote: > > > > On Mon, 21 May 2007, Gadi Evron wrote: > > > On Mon, 21 May 2007, Chris L. Morrow wrote: > > > the root servers are responsible how exactly for the fast-flux issues? > > > Also, there might be some l

Re: Interesting new dns failures

2007-05-21 Thread Gadi Evron
On Mon, 21 May 2007, Stephane Bortzmeyer wrote: > > On Sun, May 20, 2007 at 09:25:37PM -0700, > Roger Marquis <[EMAIL PROTECTED]> wrote > a message of 15 lines which said: > > > >If not, have any root nameservers been hacked? > > > > To partly answer my own question, no. > > I cannot find t

Re: Interesting new dns failures

2007-05-21 Thread Gadi Evron
On Mon, 21 May 2007, Chris L. Morrow wrote: > > > > On Sun, 20 May 2007, Roger Marquis wrote: > > > > If not, have any root nameservers been hacked? > > > > To partly answer my own question, no. The data returned by root > > (gtld) nameservers is not changing rapidly. Thanks for the pointers

Re: Interesting new dns failures

2007-05-21 Thread Gadi Evron
On Sun, 20 May 2007, Roger Marquis wrote: > > An odd pattern of DNS failures began appearing in the logs yesterday: Fastflux. Gadi.

Re: Broadband routers and botnets - being proactive

2007-05-16 Thread Gadi Evron
On Wed, 16 May 2007, Ross Hosman wrote: > > Gadi, > > I appreciate your well thought out email but I sit here and wonder > what exactly you are trying to accomplish with it? Are you just trying > to shame the two ISPs listed publicly or are you trying to spark a > discussion about something that

Re: Broadband routers and botnets - being proactive

2007-05-14 Thread Gadi Evron
On Sun, 13 May 2007, Sean Donelan wrote: > On Sun, 13 May 2007, Gadi Evron wrote: > > "Passing the buck! Buck passer!" (see below - skip to Dilbert link) > > I guess you missed my attempts 3 or 4 years ago at trying to establish > some standards for CPE concerning

Re: Broadband routers and botnets - being proactive

2007-05-13 Thread Gadi Evron
On Mon, 14 May 2007, Chris L. Morrow wrote: > > On Sun, 13 May 2007, Gadi Evron wrote: > > There is little to no financial incentive for ISPs to do something about > > this problem right now, even if it is currently under their direct > > control. Later on, when it is

Re: Broadband routers and botnets - being proactive

2007-05-13 Thread Gadi Evron
On Sun, 13 May 2007, Sean Donelan wrote: > > On Sun, 13 May 2007, Florian Weimer wrote: > > Fortunately, there is a simple solution to this kind of problem: ISPs > > are very likely liable if they fail to alert customers about security > > problems, and do not provide updates in a timely manner.

Re: Broadband routers and botnets - being proactive

2007-05-12 Thread Gadi Evron
have New York city and the laws of a feudal dark ages Kingdom. Things will eventually change, and some of us will stick around to help that change (or try to). For now though, it is about one vulnerability ignored at a time, and working on our communities. Gadi Evron.

Broadband routers and botnets - being proactive

2007-05-11 Thread Gadi Evron
e all busy, but I hope some of you will have the time to look into this. I am aware of and have assisted several ISPs, who spent some time and effort exploring this threat and in some cases acting on it. If anyone can share their experience on dealing with securing their infrastructure in this regard publicly, it would be much appreciated. Thanks. Gadi Evron.

Re: UK ISP threatens security researcher

2007-04-20 Thread Gadi Evron
On Fri, 20 Apr 2007, Stephen Wilcox wrote: > On Thu, Apr 19, 2007 at 06:10:06PM -0500, Gadi Evron wrote: > > > > I am generally worried about the trend that is emerging of reporting > > security issues resulting in legal threats. > > well in this case i dont know t

Re: UK ISP threatens security researcher

2007-04-20 Thread Gadi Evron
On Fri, 20 Apr 2007 [EMAIL PROTECTED] wrote: > On Fri, 20 Apr 2007, Gadi Evron wrote: > > Now, that is off-topic to NANOG. > Just because you disagree with someone's opinion, doesn't make it > offtopic. > I'm not sure the debate on public disclosure vs priv

Re: UK ISP threatens security researcher

2007-04-20 Thread Gadi Evron
On Fri, 20 Apr 2007, Simon Lyall wrote: > > On Thu, 19 Apr 2007, Gadi Evron wrote: > > Looking at the lack of security response and seriousness from this ISP, I > > personally, in hindsight (although it was impossible to see back > > then) would not waste time with repor

Re: UK ISP threatens security researcher

2007-04-19 Thread Gadi Evron
On Thu, 19 Apr 2007, Edward Lewis wrote: > At 18:30 -0500 4/17/07, Gadi Evron wrote: > >http://www.theregister.com/2007/04/17/hackers_service_terminated/ > > > >"A 21-year-old college student in London had his internet service > >terminated and was threatened wi

Re: UK ISP threatens security researcher

2007-04-19 Thread Gadi Evron
On Thu, 19 Apr 2007, Will Hargrave wrote: > > Gadi Evron wrote: > > > "A 21-year-old college student in London had his internet service > > terminated and was threatened with legal action after publishing details > > of a critical vulnerability that can comp

UK ISP threatens security researcher

2007-04-17 Thread Gadi Evron
http://www.theregister.com/2007/04/17/hackers_service_terminated/ "A 21-year-old college student in London had his internet service terminated and was threatened with legal action after publishing details of a critical vulnerability that can compromise the security of the ISP's subscribers." I h

Re: On-going Internet Emergency and Domain Names

2007-04-03 Thread Gadi Evron
provocative > statement that starts a 50-message OT argument about botnets? NANOG-L would > be > more useful to those of use who actually operate networks if you would stop > it. At least this time you send a comprehensible note to the list rather than "can't you die

Re: ICANNs role [was: Re: On-going ...]

2007-04-03 Thread Gadi Evron
On Tue, 3 Apr 2007, Andre Oppermann wrote: > > Gadi Evron wrote: > > What are your thoughts on basic suggestions such as: > > 1. Allowing registrars to terminate domains based on abuse, rather than > > just fake contact details. > > Are you crazy or what? Ever

Re: ICANNs role [was: Re: On-going ...]

2007-04-03 Thread Gadi Evron
On Tue, 3 Apr 2007, Andy Davidson wrote: > > > On 3 Apr 2007, at 03:02, Gadi Evron wrote: > > > What are your thoughts on basic suggestions such as: > > 1. Allowing registrars to terminate domains based on abuse, rather > > than just fake contact details. >

Re: On-going Internet Emergency and Domain Names

2007-04-03 Thread Gadi Evron
On Tue, 3 Apr 2007, Adrian Chadd wrote: > > On Tue, Apr 03, 2007, Tony Finch wrote: > > > > On Mon, 2 Apr 2007, David Conrad wrote: > > > > > > Even if a delay were imposed, I'm not sure I see how this would actually > > > help > > > as I would assume it would require folks to actually look at

Re: ICANNs role [was: Re: On-going ...]

2007-04-02 Thread Gadi Evron
[Top-Posting] Thanks David, of course, as you know, this was not an attack on you. I appreciate you clarifying to me a bit more on what ICANN does, does not and is not supposed to do. I will contact you off-list for further consultation. Many thanks again for all your help! So, who *is* able to

summarising [was: Re: ICANNs role]

2007-04-02 Thread Gadi Evron
in the NANOG thread, by me in reply to David Conrad. Things start to make sense now that flames and personal attacks have died down. [previous NANOG post here] Where do we go from here? If we do proceed, what legitimate business concerns stand to lose money? (or not earn as much?) Gadi Evron, [EMAIL PROTECTED]

what registrars need to do with no incentive [was: Re: On-going ..]

2007-04-02 Thread Gadi Evron
On Mon, 2 Apr 2007, Robert Bonomi wrote: > > > > From: David Conrad <[EMAIL PROTECTED]> > > Subject: Re: On-going Internet Emergency and Domain Names > > Date: Mon, 2 Apr 2007 17:33:08 -0700 > > > > > > On Apr 2, 2007, at 4:56 PM, Douglas Otis wrote: > > > The recommendation was for registries t

Re: On-going Internet Emergency and Domain Names

2007-04-02 Thread Gadi Evron
On Mon, 2 Apr 2007, David Conrad wrote: > > > On Apr 2, 2007, at 7:12 PM, Joseph S D Yao wrote: > > On Mon, Apr 02, 2007 at 05:33:08PM -0700, David Conrad wrote: > >> I think this might be a bit in conflict with efforts registries have > >> to reduce the turnaround in zone modification to the or

ICANNs role [was: Re: On-going ...]

2007-04-02 Thread Gadi Evron
On Mon, 2 Apr 2007, David Conrad wrote: > On Apr 1, 2007, at 8:45 AM, Gadi Evron wrote: > > On Sun, 1 Apr 2007, David Conrad wrote: > >> On Mar 31, 2007, at 8:44 PM, Gadi Evron wrote: > >> I'm not clear what "this realm" actually is. > > Abuse and

Re: On-going Internet Emergency and Domain Names

2007-04-02 Thread Gadi Evron
On Mon, 2 Apr 2007, Joe Abley wrote: > > On 1-Apr-2007, at 22:30, Gadi Evron wrote: > > > But building a wall to protect your port from attacks by pirates > > will not > > make the pirates go away, and unfortunately, we can't convince > > everybody

RE: redefining which infrastructure is the proble [was: Re: On-going ..]

2007-04-02 Thread Gadi Evron
On Mon, 2 Apr 2007, Rod Beck wrote: > I rarely post, but that is clearly a problem. The Americans seem to believe > in the presumption of guilt and the infallibility of accusation. As an > American born and bred I can hardly be accused of bias. > > Clearly spam is a serious problem in terms o

redefining which infrastructure is the proble [was: Re: On-going ..]

2007-04-01 Thread Gadi Evron
On 1 Apr 2007, Paul Vixie wrote: > > > We're looking at the alligators surrounding us. Gadi is trying to > > convince us to help him in draining the swamp (which may indeed be a > > positive thing in the long run). > > > > Does that sound about right? > > that sounds exactly wrong. harkening

Re: On-going Internet Emergency and Domain Names

2007-04-01 Thread Gadi Evron
On Sun, 1 Apr 2007, Cat Okita wrote: > > On Sun, 1 Apr 2007, Douglas Otis wrote: > > Until Internet commerce requires some physical proof of identity, fraud > > will continue. A zone preview approach can reduce related exploits and > > associated crime, and the amount of information pushed to th

Re: On-going Internet Emergency and Domain Names

2007-04-01 Thread Gadi Evron
On 1 Apr 2007, Paul Vixie wrote: > > [EMAIL PROTECTED] (Gadi Evron) writes: > > > On Sun, 1 Apr 2007, Adrian Chadd wrote: > > > > > Stop trying to fix things in the core - it won't work, honest - and start > > > trying to fix things closer to the edge

Re: On-going Internet Emergency and Domain Names

2007-04-01 Thread Gadi Evron
On Sun, 1 Apr 2007, Chris L. Morrow wrote: > On Sun, 1 Apr 2007, Paul Vixie wrote: > > > > But, that's the DNS "edge", I'm not ready to see the DNS "core" gain > > features > > like this. Or if they do come, I'd like them to come as a result of > > consensus > > driven protocol engineering (lik

Re: America takes over DNS

2007-04-01 Thread Gadi Evron
On Sun, 1 Apr 2007, David Conrad wrote: > > Hi, > > On Apr 1, 2007, at 6:54 AM, J. Oquendo wrote: > > Summary: > > Confusion resulting from hearsay and extrapolations. > > > The "key-signing key" signs the zone key, which is held by VeriSign. > > Except that the root zone hasn't been signed a

Re: On-going Internet Emergency and Domain Names

2007-04-01 Thread Gadi Evron
On Sun, 1 Apr 2007, David Conrad wrote: > On Mar 31, 2007, at 8:44 PM, Gadi Evron wrote: > > ICANN has not shown any interest or ability to affect change in > > this realm. > > I'm not clear what "this realm" actually is. Abuse and Security (non infrastruc

Re: XSS April Fools

2007-04-01 Thread Gadi Evron
On Sun, 1 Apr 2007, micky coughes wrote: > > On 4/1/07, Gadi Evron <[EMAIL PROTECTED]> wrote: > > > > http://www.securitylab.ru/news/extra/293608.php > > > > There are "two cross site scripting attacks on Cisco's web site and Maria > > Sharapova

XSS April Fools

2007-04-01 Thread Gadi Evron
http://www.securitylab.ru/news/extra/293608.php There are "two cross site scripting attacks on Cisco's web site and Maria Sharapova's site to announce that she has passed the Cisco certification test and will now become a security engineer." Gadi.

Re: On-going Internet Emergency and Domain Names (kill this thread)

2007-04-01 Thread Gadi Evron
On Sun, 1 Apr 2007, Mikael Abrahamsson wrote: > net today that has made it into the raging success it is today. It's not > perfect, but it works, and it doesn't have a single point of failure. You just lost my respect for the remainder of this thread. :) > > ... and people have very bad experi

Re: On-going Internet Emergency and Domain Names

2007-03-31 Thread Gadi Evron
On Sun, 1 Apr 2007, Petri Helenius wrote: > Gadi Evron wrote: > > > > Thing is, the problem IS in the core. DNS is no longer just being abused, > > it is pretty much an abuse infrastructure. That needs to be fixed if > > security operations on the Internet at

Re: On-going Internet Emergency and Domain Names

2007-03-31 Thread Gadi Evron
On Sun, 1 Apr 2007, Adrian Chadd wrote: > > Stop trying to fix things in the core - it won't work, honest - and start > trying to fix things closer to the edge where the actual problem is. Thing is, the problem IS in the core. DNS is no longer just being abused, it is pretty much an abuse infras

Re: On-going Internet Emergency and Domain Names (kill this thread)

2007-03-31 Thread Gadi Evron
On Sat, 31 Mar 2007, Patrick Giagnocavo wrote: > > >> There is a current on-going Internet emergency: a critical 0day > >> vulnerability currently exploited in the wild threatens numerous > >> desktop > >> systems which are being compromised and turned into bots, > > I feel very strongly that t

RE: On-going Internet Emergency and Domain Names

2007-03-31 Thread Gadi Evron
On Sat, 31 Mar 2007, Matt Ghali wrote: > > On Sat, 31 Mar 2007, Fergie wrote: > > > The Registry policies, as they stand today, enable criminals. > > and airlines enable drug smugglers. idiot. If drugs were smuggled by airlines or airlines with or without their knowledge, and they, as well as

RE: On-going Internet Emergency and Domain Names

2007-03-31 Thread Gadi Evron
On Sat, 31 Mar 2007, william(at)elan.net wrote: > > > On Sat, 31 Mar 2007, Fergie wrote: > > > Amen. > > > > The Registry policies, as they stand today, enable criminals. > > Registry or Registrar? Both. Gadi. > > -- > William Leibzon > Elan Networks > [EMAIL PROTECTED] >

Re: On-going Internet Emergency and Domain Names

2007-03-31 Thread Gadi Evron
On Sat, 31 Mar 2007, Stephen Satchell wrote: > Gadi Evron wrote: > > > > Amen. Really. > > > > I'd honestly like more ideas. > > What did IETF and ICANN say when you approached them through their > public-comment channels? > ICANN is well aware

Re: On-going Internet Emergency and Domain Names

2007-03-31 Thread Gadi Evron
On Sat, 31 Mar 2007, Matt Ghali wrote: > On Sat, 31 Mar 2007, Gadi Evron wrote: > > > Back to reality and 2007: > > In this case, we speak of a problem with DNS, not sendmail, and not bind. > > Your reality must be interesting. In my reality, the problem is wi

Re: On-going Internet Emergency and Domain Names

2007-03-31 Thread Gadi Evron
On Sat, 31 Mar 2007, Roland Dobbins wrote: > week or the week before or the month before that - after a while, a > state of 'emergency' becomes the norm, and thus the bar is raised. Indeed. This background noise is what it means to "lose the war", we lost it, now we fight to maintain life in

Re: On-going Internet Emergency and Domain Names

2007-03-31 Thread Gadi Evron
On Sat, 31 Mar 2007, Paul Vixie wrote: > > > ... > > Back to reality and 2007: > > In this case, we speak of a problem with DNS, not sendmail, and not bind. > > > > As to blacklisting, it's not my favorite solution but rather a limited > > alternative I also saw you mention on occasion. What alt

Re: On-going Internet Emergency and Domain Names

2007-03-31 Thread Gadi Evron
On Sat, 31 Mar 2007, Mattias Ahnberg wrote: > > Gadi Evron wrote: > > The real problem? Okay, I'd like your ideas then. :) > > Just because one doesn't have a solution to the real > problem doesn't invalidate them from objecting to an > idea presented by

Re: On-going Internet Emergency and Domain Names

2007-03-31 Thread Gadi Evron
On Sat, 31 Mar 2007 [EMAIL PROTECTED] wrote: > OK, so, do you officially declare the emergency? Should we all block the This is an emergency incident on the scale of WMF, but no, it is indeed being handled. I am raising the flag on an ever increasing problem with DNS. This latest incident illustr

Re: On-going Internet Emergency and Domain Names

2007-03-31 Thread Gadi Evron
On Sat, 31 Mar 2007, Mikael Abrahamsson wrote: > > On Sat, 31 Mar 2007, Gadi Evron wrote: > > > In this case, we speak of a problem with DNS, not sendmail, and not bind. > > The argument can be made that you're trying to solve a windows-problem by > implementi

Re: On-going Internet Emergency and Domain Names

2007-03-31 Thread Gadi Evron
On 31 Mar 2007, Paul Vixie wrote: > > whoa. this is like deja vu all over again. when [EMAIL PROTECTED] asked me > to > patch BIND gethostbyaddr() back in 1994 or so to disallow non-ascii host > names in order to protect sendmail from a /var/spool/mqueue/qf* formatting > vulnerability, i was f

Re: On-going Internet Emergency and Domain Names

2007-03-30 Thread Gadi Evron
On Fri, 30 Mar 2007, Jeff Shultz wrote: > > So, is there a list of domains that we could null-route if we could > convince our DNS managers to set us up as the SOA for those domains on > our local DNS servers - thus protecting our own customers somewhat? > > I won't discount the assertion that

On-going Internet Emergency and Domain Names

2007-03-30 Thread Gadi Evron
indeed just an email message, sent among friends. - Begin quoted message - Date: Fri, 16 Feb 2007 02:32:46 -0600 (CST) From: Gadi Evron To: [EMAIL PROTECTED] Subject: [reg-ops] Internet security and domain names Hi all, this is a tiny bit long. Please have patience, this is important. On

Re: Linksys WAG200G - Information disclosure (fwd)

2007-03-21 Thread Gadi Evron
On Wed, 21 Mar 2007, Mike Caudill wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > Robert Boyle <[EMAIL PROTECTED]> [2007-03-20 19:11] wrote: > > > > At 05:48 PM 3/20/2007, you wrote: > > >I wonder what their security process is for other types of routers? > > > > Try [EMAIL PROTE

Linksys WAG200G - Information disclosure (fwd)

2007-03-20 Thread Gadi Evron
I wonder what their security process is for other types of routers? -- Forwarded message -- Date: 20 Mar 2007 20:31:01 - From: [EMAIL PROTECTED] To: bugtraq@securityfocus.com Subject: Linksys WAG200G - Information disclosure Hi there, About 2 months ago I bought a wireless A

Re: NOC Personel Question (Possibly OT)

2007-03-15 Thread Gadi Evron
On Thu, 15 Mar 2007, Stephen Satchell wrote: > Gadi Evron wrote: > > > Anyway, I have a friend who used managed to get "Not A Janitor" on his > > business card. > > My all-time favorite business card was one from Autodesk from the chief > financial officer

RE: NOC Personel Question (Possibly OT)

2007-03-15 Thread Gadi Evron
On Thu, 15 Mar 2007, Justin M. Streiner wrote: > > On Thu, 15 Mar 2007, Michael K. Smith - Adhost wrote: > > > - Technical Support Representative > > - Network Administrator > > - Senior Network Administrator > > > Or, you could just call them all "booger eaters" and be done with it. > > "Boog

Re: NOC Personel Question (Possibly OT)

2007-03-14 Thread Gadi Evron
On Thu, 15 Mar 2007, Jeff Kell wrote: > > Jay Hennigan wrote: > > > > This is as best I recall a direct quote. "We don't care. You can > > call yourself Supreme Imperial Grand Poo-Bah if you want as long as > > our network stays up." > > Nah, the proper term is "Network Czar" until you get i

Re: NOC Personel Question (Possibly OT)

2007-03-14 Thread Gadi Evron
ts and im still hearing gadi" - HD Moore to Gadi Evron on IM, on Gadi's interview on npr, March 2007.

RE: [funsec] Not so fast, broadband providers tell big users (fwd)

2007-03-13 Thread Gadi Evron
CIH, CCSA-NGX, MCSE Office of Information Security & Risk Management EMC ² Corporation 4400 Computer Dr. Westboro, MA 01580 -Original Message- From: Gadi Evron [mailto:[EMAIL PROTECTED] Sent: Monday, March 12, 2007 8:29 PM To: Blanchard, Michael (InfoSec) Cc: funsec@linuxbox.org Subje

broadband routers security issues

2007-02-23 Thread Gadi Evron
Hi guys. A guy named Sid recently wrote on securiteam (where I write as well) on an accidental discovery he made on the security of his home broadband router with its default settings. Apparently, he started by discovering he had port 23 open (which was telnet for the router rather than for him -

Re: Counting tells you if you are making progress

2007-02-20 Thread Gadi Evron
On Wed, 21 Feb 2007, Sean Donelan wrote: > > > If you can't measure a problem, its difficult to tell if you are > making things better or worse. > > On Tue, 20 Feb 2007, Rich Kulawiec wrote: > > I don't understand why you don't believe those numbers. The estimates > > that people are making ar

Re: botnets: web servers, end-systems and Vint Cerf [LONG, sorry]

2007-02-20 Thread Gadi Evron
On Tue, 20 Feb 2007, Rich Kulawiec wrote: Hi Rich, thanks for your input, Rich. As always, quite interesting. > > BTW #2: All of this leaves open an important and likely-unanswerable > question: how many systems are compromised but not as yet manifesting > any external sign of it? Certainly

Re: botnets: web servers, end-systems and Vint Cerf

2007-02-17 Thread Gadi Evron
On Sat, 17 Feb 2007, Sean Donelan wrote: > On Sat, 17 Feb 2007, Gadi Evron wrote: > >> Is there a significant difference between the "many" ISPs implementing > >> walled gardens and other ISPs as far as infection rates? > > > > Yes. > > Then pleas

Re: botnets: web servers, end-systems and Vint Cerf

2007-02-17 Thread Gadi Evron
On Sat, 17 Feb 2007, Sean Donelan wrote: > On Sat, 17 Feb 2007, Gadi Evron wrote: > > Yes, but that is because the successful ISPs currently often implement > > their own if they have the resources and R&D power. The really big ones > > have it automated, the small o

Re: botnets: web servers, end-systems and Vint Cerf

2007-02-17 Thread Gadi Evron
On Sat, 17 Feb 2007, Sean Donelan wrote: > > On Sat, 17 Feb 2007, Gadi Evron wrote: > >> Public ISPs have been testing these types of systems for over 5 years. > >> What sorts of differences can you think of that would explain why public > >> ISPs h

Re: botnets: web servers, end-systems and Vint Cerf

2007-02-17 Thread Gadi Evron
On Sat, 17 Feb 2007, Sean Donelan wrote: > > On Sat, 17 Feb 2007, Petri Helenius wrote: > >> After all these years, I'm still surprised a consortium of ISP's haven't > >> figured out a way to do something a-la Packet Fence for their clients > >> where > >> - whenever an infected machine is det

Re: botnets: web servers, end-systems and Vint Cerf

2007-02-16 Thread Gadi Evron
On Fri, 16 Feb 2007, J. Oquendo wrote: > [EMAIL PROTECTED] wrote: > > > > You misunderstand. The problem of securing machines *IS* solved. It is > > possible. It is regularly done with servers connected to the Internet. > > There is no *COMPUTING* problem or technical problem. > > The problem of t

Re: botnets: web servers, end-systems and Vint Cerf

2007-02-16 Thread Gadi Evron
On Fri, 16 Feb 2007, Roland Dobbins wrote: > > > On Feb 16, 2007, at 9:12 AM, <[EMAIL PROTECTED]> wrote: > > > It is regularly done with servers connected to the Internet. > > There is no *COMPUTING* problem or technical problem. > > I beg to differ. Yes, it is possible for tech-savvy users t

Re: botnets: web servers, end-systems and Vint Cerf

2007-02-16 Thread Gadi Evron
On Fri, 16 Feb 2007, Eric Gauthier wrote: > Heya, > > > > And the fact that web servers are getting botted is just the cycle of > > > reincarnation - it wasn't that long ago that .edu's had a reputation of > > > getting pwned for the exact same reasons that webservers are targets now: > > > easy

Re: The Root of The Problem [Was: Re: botnets: web servers, end-systems and Vint Cerf]

2007-02-15 Thread Gadi Evron
"while we are on the subject of". Sorry for that misunderstanding. I should have stated that one better. Gadi. > > - - ferg > > > - -- Gadi Evron <[EMAIL PROTECTED]> wrote: > > On Thu, 15 Feb 2007, Peter Moody wrote: > > > I kept quiet on

Re: botnets: web servers, end-systems and Vint Cerf

2007-02-15 Thread Gadi Evron
On Thu, 15 Feb 2007, Peter Moody wrote: > > I kept quiet on this for a while, but honestly, I appreciate Vint Cerf > > mentioning this where he did, and raising awareness among people who can > > potentially help us solve the problem of the Internet. > > > > Still, although I kept quiet for a whil

botnets: web servers, end-systems and Vint Cerf

2007-02-15 Thread Gadi Evron
On Thu, 15 Feb 2007 [EMAIL PROTECTED] wrote: > On Thu, 15 Feb 2007 19:02:12 CST, Gadi Evron said: > > Many of them are SMTP-based only. IP reputation is very limited still. > > > > Now, all that said, back on "most are broadband users" - no longer > > true. M

Re: RBL for bots?

2007-02-15 Thread Gadi Evron
On Thu, 15 Feb 2007 [EMAIL PROTECTED] wrote: > On Thu, 15 Feb 2007 11:30:34 EST, Drew Weaver said: > > > Has anyone created an RBL, much like (possibly) the BOGON list which > > includes the IP addresses of hosts which seem to be "infected" and are > > attempting to brute-force SSH/HTTP, etc?

Re: Solaris telnet vuln solutions digest and network risks

2007-02-14 Thread Gadi Evron
On Wed, 14 Feb 2007, Robert E. Seastrom wrote: > > > <[EMAIL PROTECTED]> writes: > > > Do you know of any network operators who have no Solaris boxes at all > > used in the management of some part of their network? Seems to me that > > it is very common for network operators to use Solaris boxe

Re: Solaris telnet vuln solutions digest and network risks

2007-02-13 Thread Gadi Evron
On Tue, 13 Feb 2007, Albert Meyer wrote: > Gadi Evron wrote: > > A couple of updates and a summary digest of useful information shared from > > all around on this vulnerability, for those of us trying to make sense of > > what it means to our networks: > > Gadi, >

Solaris telnet vuln solutions digest and network risks

2007-02-13 Thread Gadi Evron
pen to the community and industry on this without too many PR/legal blocks getting in their way are very encouraging, releasing information on the vulnerability, how it happened and why, a quick beta patch and even discussing openly on mailing lists. I am in awe. Now it is time for others to follow their example. This one, despite its simplicity and age is going to be with us for a while. Gadi Evron.

Web Server Botnets and Server Farms as Attack Platforms

2007-02-12 Thread Gadi Evron
Are file inclusion vulnerabilities equivalent to remote code execution? Are servers (both Linux and Windows) now the lower hanging fruit rather than desktop systems? In the February edition of the Virus Bulletin magazine, we (Kfir Damari, Noam Rathaus and Gadi Evron (me) of Beyond Security

Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)

2007-02-12 Thread Gadi Evron
On Mon, 12 Feb 2007, Alexander Harrowell wrote: > On 2/12/07, Gadi Evron <[EMAIL PROTECTED]> wrote: > > > > > > As a very smart person said a couple of weeks ago when this same argument > > was made: are you willing to do tech-support for my mother if she use

Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)

2007-02-12 Thread Gadi Evron
On Mon, 12 Feb 2007, Stephane Bortzmeyer wrote: > > On Mon, Feb 12, 2007 at 01:45:41AM -0500, > Sean Donelan <[EMAIL PROTECTED]> wrote > a message of 16 lines which said: > > > The important lesson is you can educate people. The content may have > > been bogus, > > > If you can come up wi

Re: death of the net predicted by deloitte -- film at 11

2007-02-12 Thread Gadi Evron
On Mon, 12 Feb 2007, Hank Nussbacher wrote: > > At 10:02 PM 11-02-07 -0500, Daniel Senie wrote: > > > > >IP Multicast as a solution to video distribution is a non-starter. IP > >Multicast for the wide area is a failure. It assumes large numbers of > >people will watch the same content at the

Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)

2007-02-12 Thread Gadi Evron
On Mon, 12 Feb 2007, Sean Donelan wrote: > > On Sun, 11 Feb 2007, Gadi Evron wrote: > > Colin Powell mentioned at RSA in his extremely good, entertaining and > > pointless talk something of relevance. During the cold war American kids > > were trained to hide beneath th

Re: Solaris 10 Telnet Exploit

2007-02-11 Thread Gadi Evron
From HD Moore: "but this bug isnt -froot, its -fanythingbutroot =P" On Sun, 11 Feb 2007, William Schultz wrote: > > http://erratasec.blogspot.com/2007/02/trivial-remote-solaris-0day- > disable.html > > Tested on Sol10, and it indeed works... Good thing we use SSH, right?! > > ##

Re: Solaris 10 Telnet Exploit

2007-02-11 Thread Gadi Evron
On Sun, 11 Feb 2007, William Schultz wrote: > > http://erratasec.blogspot.com/2007/02/trivial-remote-solaris-0day- > disable.html > > Tested on Sol10, and it indeed works... Good thing we use SSH, right?! It works. Credit to Johannes Ullrich at the SANS ISC. I believe the vulnerability is tha
