Re: [Full-disclosure] IP-Adresses of German Secret Intelligence Agency supposedly leaked

-facto secret service. And that's the point of criticism here: it mixes secret service competences with the normal executive pillar of the state. However, I'm not sure that belongs here. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61

Re: [Full-disclosure] security industry software license

Salut, Valdis, On Fri, 17 Oct 2008 08:45:21 -0400, [EMAIL PROTECTED] wrote: You *really* don't want to follow that idea to its logical conclusion. Evil bread-eating terrorists. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80

Re: [Full-disclosure] pause for reflection

. ;-) Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 674053 Basel Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description: PGP signature

Re: [Full-disclosure] THC releases video and tool to create fake ePassports

ePassports exist? - and I'd rather spend time in an American jail for a false diplomatic passport than in just about any other country for anything else! You're into SM/torture? TMD. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333

Re: [Full-disclosure] To disclose or not to disclose

it along with the advisory. This minimizes the risk level for users of the product, of course. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 674053 Basel

Re: [Full-disclosure] Invalid Certificate

quickly. -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 674053 Basel Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description: PGP signature

Re: [Full-disclosure] [RFC] Very Low Signal to Noise Ratio on FD

the signal or not filtering the noise to varying degrees. Try a Bayesian SPAM filter; works well for my purposes. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 674053

Re: [Full-disclosure] ISO Standards

to downloadable PDF files is a good step forward. A4 is a real nuisance if you are in the US instead of England. ANSI should have US Letter format. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41

Re: [Full-disclosure] Full-Disclosure? introducing lul-disclosure.

-- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 674053 Basel Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description: PGP signature ___ Full-Disclosure

Re: [Full-disclosure] so this is FD...

filters. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 674053 Basel Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description: PGP signature

Re: [Full-disclosure] Skype chat encryption with OTR

is executed in a way which is only ever trustworthy to the recipient, so the recipient cannot prove anything to others with it. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 67

Re: [Full-disclosure] Skype chat encryption with OTR

deniability is due to the fact that the signature is executed using a symmetric key known to both parties, so that either party (but noone else) could have sent the message. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33

Re: [Full-disclosure] Working exploit for Debian generated SSH Keys

is rather poor in this case, and you should only use it in addition to other sources. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 674053 Basel Web:www.sygroup.ch

Re: [Full-disclosure] Working exploit for Debian generated SSH Keys

and the Process ID. With the elimination of the uninitialized memory as seed, the seed for the MAC was entirely comprised by the PID. So we're not debating a weakness in the PRNG here at all, which is a _very_ delicate subject. Tonnerre -- SyGroup GmbH Tonnerre

Re: [Full-disclosure] Firewire Attack on Windows Vista

there. ;-) Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 674053 Basel Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description: PGP signature

Re: [Full-disclosure] rPSA-2008-0052-1 kernel

a week late. Congratulations. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 674053 Basel Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description

Re: [Full-disclosure] Brute force attack - need your advice

the mention of the user name with spaces, some of these scripts fall for that trick. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 674053 Basel Web:www.sygroup.ch

Re: [Full-disclosure] Brute force attack - need your advice

. Tonnerre [1]: No, a RAID1 is not a backup. -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 674053 Basel Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description

Re: [Full-disclosure] Brute force attack - need your advice

!) Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 674053 Basel Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description: PGP signature

Re: [Full-disclosure] What makes Yahoo! a good merger candidate?

think that RFCs are ok for some things but not for others :-( I think I'm not going to be able to resist the temptation to use rfc-ignorant.org as a blacklist on a massive amount of mail servers so much longer... Tonnerre -- SyGroup GmbH Tonnerre Lombard

Re: [Full-disclosure] [FDSA] Sort - Critical Format String Vulnerability

a bug though, and wants to be fixed. So congratulations to a working, though overdramatizised, discovered format string vulnerability. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383

Re: [Full-disclosure] PWDumpX v1.4 (and GUI:s)

, you are not going to get very far in your pentest, that's all. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 674053 Basel Web:www.sygroup.ch [EMAIL

Re: [Full-disclosure] PWDumpX v1.4

in order to be able to start the GUI? Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 674053 Basel Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc

Re: [Full-disclosure] PWDumpX v1.4

Salut, On Tue, 8 Jan 2008 03:30:13 -0600 reepex [EMAIL PROTECTED] wrote: he is a 'point and click' hacker .. do not confuse him Oh, oh, I'm sorry, I keep forgetting that Point'n'Hack interfaces are the future. Tonnerre -- SyGroup GmbH Tonnerre Lombard

Re: [Full-disclosure] Microsoft FTP Client Multiple Bufferoverflow Vulnerability

? Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Güterstrasse 86 Fax:+41 61 383 14 674053 Basel Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description: PGP signature

Re: [Full-disclosure] Microsoft FTP Client Multiple Bufferoverflow Vulnerability

Salut, On Wed, 28 Nov 2007 13:16:34 +0100 KJK::Hyperion [EMAIL PROTECTED] wrote: Tonnerre Lombard ha scritto: Microsoft FTP Client Multiple Bufferoverflow Vulnerability Isn't the FTP client compiled with stack overflow protection? If so, how is that supposed to help? By terminating

Re: [Full-disclosure] SSH brute force blocking tool

username to bikermice from 217.14.64.1, you're going to blacklist 217.14.64.1 because it is a valid IP. Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Roeschenzerstrasse 9 Fax:+41 61 383 14 674153 Reinach BL

Re: [Full-disclosure] SSH brute force blocking tool

since the L4Addr doesn't matter much here, as we're dealing with L3addrs... Tonnerre -- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33Roeschenzerstrasse 9 Fax:+41 61 383 14 674153 Reinach BL Web:www.sygroup.ch [EMAIL

Re: [Full-disclosure] SSH brute force blocking tool

of the admin so he can't log in anymore) Tonnerre -- SyGroup GmbH Tonnerre Lombard Lösungen mit System Tel:+41 61 333 80 33Röschenzerstrasse 9 Fax:+41 61 383 14 674153 Reinach BL Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description

Re: [Full-disclosure] Putty Proxy login/password discolsure....

with UNIX and enjoy full memory access to the host machine... Tonnerre -- SyGroup GmbH Tonnerre Lombard Lösungen mit System Tel:+41 61 333 80 33Röschenzerstrasse 9 Fax:+41 61 383 14 674153 Reinach BL Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc

Re: [Full-disclosure] Removing the NIC cable = EoP?

-- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel:+41 61 333 80 33Roeschenzerstrasse 9 Fax:+41 61 383 14 674153 Reinach BL Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part ___ Full

Re: [Full-disclosure] The truth about Rob Levin aka Liloofirc.freenode.net

-- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel:+41 61 333 80 33Roeschenzerstrasse 9 Fax:+41 61 383 14 674153 Reinach BL Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part

Re: [Full-disclosure] tar alternative

directory traversal vulnerability. Yes, they also exist, but if so, it needs to be fixed inside your tar program. NetBSD and Solaris tar for example don't seem to have this vulnerability. Nor does the dreaded GNU tar. Tonnerre -- SyGroup GmbH Tonnerre Lombard Loesungen

Re: [Full-disclosure] Microsoft product vs Microsoft patch

, like with xdelta, don't share these problems. They do have a whole lot of different problems though which invalidate the measurement as well. Tonnerre -- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel:+41 61 333 80 33Roeschenzerstrasse 9 Fax:+41 61 383

Re: [Full-disclosure] 70 million computers are using Windows 98 right now

. Tonnerre -- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel:+41 61 333 80 33Roeschenzerstrasse 9 Fax:+41 61 383 14 674153 Reinach BL Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part

Re: [Full-disclosure] 70 million computers are using Windows 98 right now

thing cracked open wide and Microsoft is still there and all well. A few companies list a lot of equipment, but well. Why should Microsoft be affected at all? Anyway. Tonnerre -- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel:+41 61 333 80 33

Re: [Full-disclosure] Are consumers being misled by phishing?

if the majority of people with an IQ higher than 100 have an IQ which is a _lot_ above 100, this would mean that the amount of 419 victims is actually _higher_ than 50% of the humanity. Tonnerre -- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel:+41 61 333 80 33

Re: [Full-disclosure] UnAnonymizer

though. Tonnerre -- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel:+41 61 333 80 33Roeschenzerstrasse 9 Fax:+41 61 383 14 674153 Reinach BL Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message

[Full-disclosure] RE: MySQL DoS

(0.00 sec) ASL? (Architecture, System, Live version) Tonnerre -- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel:+41 61 333 80 33Roeschenzerstrasse 9 Fax:+41 61 383 14 674153 Reinach Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc

[Full-disclosure] Re: MySQL DoS

- affected mysql Ver 12.22 Distrib 4.0.18, for mandrake-linux-gnu (i586) - affected Tonnerre -- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel:+41 61 333 80 33Roeschenzerstrasse 9 Fax:+41 61 383 14 674153 Reinach Web:www.sygroup.ch [EMAIL PROTECTED

Re: [Full-disclosure] Google blocked in China?

around this, such as the elgooG mirror... Tonnerre -- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel:+41 61 333 80 33Roeschenzerstrasse 9 Fax:+41 61 383 14 674153 Reinach Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description

Re: [Full-disclosure] Tool Release - Tor Blocker

% of the traffic are actually legitimate. Why not block the Internet then? Most of the time you don't get the bastard spamass anyway. Tonnerre -- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel:+41 61 333 80 33Roeschenzerstrasse 9 Fax:+41 61 383 14 674153 Reinach

Re: re : [Full-disclosure] n3td3v agenda revealed

of any other security problems in the mainland right now? Oh well, right, the charta. I'm sorry. Tonnerre -- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel:+41 61 333 80 33Roeschenzerstrasse 9 Fax:+41 61 383 14 674153 Reinach Web:www.sygroup.ch

Re: [Full-disclosure] Tool Release - Tor Blocker

Tonnerre -- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel:+41 61 333 80 33Roeschenzerstrasse 9 Fax:+41 61 383 14 674153 Reinach Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part

Re: [Full-disclosure] blocking tor is not the right way forward. It may just be the right way backward.

... Tonnerre -- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel:+41 61 333 80 33Roeschenzerstrasse 9 Fax:+41 61 383 14 674153 Reinach Web:www.sygroup.ch [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part

Re: [Full-disclosure] Tool Release - Tor Blocker

even the slightest idea of the matter, usually. So if you have one index.html moved to index.html.bak and a new index.html reading 'pwned', some companies are already in the ten thousands of damages. Tonnerre -- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel

Re: [Full-disclosure] Different google interface when using some Tor exit nodes

defaults. Google looks different from different countries. Walk around in the world with your laptop and you'll see what I mean. This is not a Tor vulnerability. Tonnerre -- SyGroup GmbH Tonnerre Lombard Loesungen mit System Tel:+41 61 333 80 33