idealistic: we have
the folks we have and we need business (and small companies taking risks and
making errors).
-
phocean
On 21 Apr 2013 at 07:06, valdis.kletni...@vt.edu wrote:
On Sat, 20 Apr 2013 20:02:12 -0400, Bryan said:
The only point that I was trying to make is that there needs
with no results except some false positive. I also had a look on the
disassembly of these files.
So, I don't know what it is, but if it is a rootkit it is not a trivial one and
I am afraid it is smarter than me :)
--- phocean
On 12 Jul 2012 at 15:33, Mikhail A. Utin wrote:
-Original
Could you elaborate please?
What that I haven't done yet? If we agree there is nothing in the RAM dump, how
can we explain the artefacts?
Musntlive, I never trust any antivirus.
--- phocean
On 12 Jul 2012 at 17:46, valdis.kletni...@vt.edu wrote:
On Thu, 12 Jul 2012 11:00:36 -0400
?
--- phocean
On 12 Jul 2012 at 18:22, Григорий Братислава wrote:
On Thu, Jul 12, 2012 at 12:09 PM, phocean 0...@phocean.net wrote:
Could you elaborate please?
What that I haven't done yet? If we agree there is nothing in the RAM dump,
how can we explain the artefacts?
Musntlive, I never
Not sure if you are kidding.
1) WinDBG is a debugger, not really memory dump.
2) Not sure to understand*
3) It is your opinion.
4) Don't understand. Sounds like a joke, but even with that angle I don't get
it.*
* If only you stopped with this weird english.
--- phocean
On 12 Jul 2012 at 18
Me is give up too ;) Thanks anyway.
--- phocean
On 12 Jul 2012 at 19:07, Григорий Братислава wrote:
On Thu, Jul 12, 2012 at 1:02 PM, phocean 0...@phocean.net wrote:
Not sure if you are kidding.
1) WinDBG is a debugger, not really memory dump.
2) Not sure to understand*
3) It is your
Hi,
I do not know any specific stuff yet, though I have been a recent switcher
myself.
I had a quick look but it seems that there are not many resources.
So this is going to be an interesting topic.
Just curious: what are the motives for your switch?
Regards,
--- phocean
On 9 Jul 2012 at 19
Internals, but still I don't see how to start with this mess).
More details are on my blog.
Thanks,
--- phocean
___
Full-Disclosure - We believe in it.
Charter: http
strange that a machine gets corrupted so
quickly. And of course, I suspect some of these tools, got from multiple
downloads.
At last, I could analyse them one by one of course, but there are many so it
would be painful (and I am not sure that I kept all setups).
--- phocean
On 11 Jul 2012 at 22
is slowly improving and
almost reaching normality. Beware, you could be identified !
--- phocean
On 8 Jun 2012 at 20:22, Michael Hallgren wrote:
Guys, please cut the crap. This is quite a cool list, but being a list it's
nice when pursuing a debate of ideas... In this instance, it's
Oh n !!! Sounds scary.
--- phocean
On 9 Jun 2012 at 14:20, andrew.wallace wrote:
You've just libeled yourself.
My lawyers will be identifying you to serve you legal papers.
---
Andrew Wallace
From: phocean 0...@phocean.net
To: Michael Hallgren m.hallg...@free.fr
Cc
What is this nonsense ? It seems that Jérôme is having some trouble.
--
phocean 0...@phocean.net
On Saturday 18 February 2012 at 20:07 +, Jerome Athias wrote:
Information here:
http://www.frhack.org/frhack-cfp.php
CFP extended : + 1 month
Hacker
1. A person who enjoys exploring
Yes :|
--
phocean 0...@phocean.net
On Thursday 26 January 2012 at 12:02 -0500, valdis.kletni...@vt.edu wrote:
On Wed, 25 Jan 2012 17:54:02 PST, Alyx said:
Are you looking at kernel code or userland code? (:
Is there a clear distinction in the Windows world
:contains From sec...@gmail.com
) {
discard;
}
--
phocean 0...@phocean.net
On Friday 09 December 2011 at 21:27 +1100, xD 0x41 wrote:
Oh wow anothwer fucking genius!
Upir actually know him, why arent you a nice guy who thimks theyre top
shit..but again, as alwys, offering VERY
N3d3v, or Andrew, your broken English looks too much like Musntlive,
your previous creation.
Please change the pattern for your next impersonation.
---
phocean
On 22.11.2011 08:48, xD 0x41 wrote:
You fucking pieces of shit forget when it was once me who was asking,
for help in regards
... or rather, some decompiled files :
http://www.pentestit.com/2011/07/04/stuxnet-source-code-online/
--
phocean
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia
Nice one :)
--
phocean
OMG!
---
phocean
On Thu, 23 Jun 2011 19:16:11 +1000, -= Glowing Sex =- wrote:
Woahh... nicely picked mate...
Then, they dare to then market it, (with or even withut that guys
lib), i
mean pros would have theyre OWn lib if they were that serious...also,
somany
bugs in theyre own
.
--phocean
On 12/06/2011 04:34, -= Glowing Doom =- wrote:
Umm... someone ELSE showed the fact that, there is something with
backspace, and MS... Learn to read, ill prmise to learn to speeel :)
To many IF's, do some research, instead of flaming.
On 12 June 2011 12:31, adam
--
phocean
--
phocean
OS 9. You won't have to dig hard to find them.
I would like to know is there any local root exploit exist for
linux kernel 2011 .
Can't wait for Linux 2012. These Electronic Arts guys are geniuses.
--
phocean
It doesn't sound good to me and maybe other people here.
I am interested too even if I have followed it passively so far.
So why going private?
On Wed, 11 May 2011 00:35:41 +, Dobbins, Roland wrote:
On May 11, 2011, at 7:18 AM, Thor (Hammer of God) wrote:
Let's take it offline - you
protect from all kind of attacks and you cited
some of these cases, but there are plenty of cases where it is useful.
On Wed, 11 May 2011 09:29:24 +, Dobbins, Roland wrote:
On May 11, 2011, at 4:22 PM, phocean wrote:
So why going private?
Because full-disclosure isn't the best forum
You were faster than me! :)
On Wed, 11 May 2011 11:38:23 +0200, Christian Sciberras wrote:
Whereas hardcore pornography (@Cal) is?
On Wed, May 11, 2011 at 11:29 AM, Dobbins, Roland rdobb...@arbor.net wrote:
On May 11, 2011, at 4:22 PM, phocean wrote:
So why going private?
Because
allows to build
slightly shorter and more efficient filtering rules.
This way, a step toward simplicity is often a step toward security.
On Wed, 11 May 2011 09:54:59 +, Dobbins, Roland wrote:
On May 11, 2011, at 4:52 PM, phocean wrote:
I want to read how you justify that stateful
If you say so, then it must be true.
On Wed, 11 May 2011 11:33:37 +, Dobbins, Roland wrote:
On May 11, 2011, at 6:05 PM, phocean wrote:
Passive FTP is the first example that comes to my mind where
inspection (based on statefulness) is needed.
I really don't want to continue
Thanks this useful sum-up for the discussion.
I have a few comments though:
- DDoS : anyway, a firewall isn't more susceptible to DoS than the
server it protects. If you look at the hardware performance of modern
firewalls, if an attacker has the ability to DoS it, then only a
On Wednesday 11 May 2011 at 16:49 +, Dobbins, Roland wrote:
On May 11, 2011, at 10:03 PM, phocean wrote:
- DDoS : anyway, a firewall isn't more susceptible to DoS than the server
it protects. If you look at the hardware performance of modern
firewalls, if an attacker has
On Wednesday 11 May 2011 at 17:15 +, Dobbins, Roland wrote:
On May 12, 2011, at 12:09 AM, phocean wrote:
I still don't see how the hell the typical web server will handle as much
traffic as one of these Checkpoint, Cisco or whatever monsters.
That's the dread secret - they aren't
On Wednesday 11 May 2011 at 17:40 +, Dobbins, Roland wrote:
On May 12, 2011, at 12:31 AM, phocean wrote:
When I look at the specs of high end machines of most makers, they are and
they outmatch most of x64 servers.
http://urbanairship.com/blog/2010/09/29/linux-kernel-tuning
I knew it!! :D
Is you MusntLive is my hero!
Is very very bad is Theo!
On Monday 02 May 2011 at 14:05 -0400, Григорий Братислава wrote:
MusntLive Security Advisory
Which is better ? To be one of you, decadent mother's sons, whose merits
are hitting a keyboard, watching porn and polluting FD. You are just
bullshit compared to your ancestors that made your countries rich.
You have /dev/null merit. You would deserve to wake up tomorrow in the
middle of nowhere
Yes.. and you won't tell you where it is. Guess why.
On Monday 21 February 2011 at 18:15 +, Cal Leeming [Simplicity Media Ltd] wrote:
Can anyone recommend any decent lists, preferably that are moderated
against douchebaggery and trolls (but allow swearing and insults etc),
and allows for
Can you please stop insulting and using {aggressive, immature, sexual...}
oriented words.
Too much is too much. Relax, take a deep breath outside and let's go
back to the real stuff.
Thanks.
On Thursday 17 February 2011 at 17:38 +, Cal Leeming [Simplicity Media Ltd] wrote:
I don't give a fuck
If so, I sincerely feel sorry for you :(
This shit can really destroy your life if you are not careful and lose
sight of important things of life. Good luck !
On Thursday 17 February 2011 at 17:47 +, Cal Leeming [Simplicity Media Ltd] wrote:
Considering for the last 18 months my work has been
I never thought I would agree with Andrew some day, but that's done.
Don't you understand that you are killing FD or is it what you want?
We are not here for porn! You may be sick and think like anyone is like
you, but believe me, there are people who don't want of it and live very
well without.
)
Looks to me like the majority of people on this forum would rather see
porn, than listen to Andrew's shit.
On Thu, Feb 17, 2011 at 9:44 PM, phocean 0...@phocean.net wrote:
I never thought I would agree with Andrew some day, but that's
done.
Don't you understand
design, NX, randomization, MAC)...
In short, what is your stake on it? Is physical networking obsolete and
what can prove it is?
Regards,
- phocean
.
Sure but in that case, this is not the same code, nor the same editor,
hardware, etc.
Of course there are exploits too, but the probability of having 2
exploits on totally different devices at the same time is lower than
only 1 exploit.
- phocean
For instance, the switch software isolates the communication between port A, B,
and C, that is if you send a unicast packet from A to B, C cannot read it. But
the switching engine is not hardware, is software, so you could not trust it.
This is the same when you compare physical
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
phocean said the following on 06/02/11 16:58:
So my worries remain... how do they address this?
You don't mean that we have to wait for the next 0-day for the VMware
claim to be proved false? There are coding vulnerabilities everywhere
On Sunday 06 February 2011 at 13:48 -0600, Albert R. Campa wrote:
vmware has come out with their vshield virtual firewall product.
Altor/Juniper has had a virtual firewalling product for a while now.
Which is still another module running on the same host with the same
OS...
I just agree with all that.
But once again, as with Pete, how is this new ? It has been the best
practice of good system/security administrators for years.
And it doesn't look like a no patching policy yet...
On Tuesday 18 January 2011 at 11:19 -0800, coderman wrote:
On Tue, Jan 18, 2011 at
Sorry if me trying to help find solutions for those companies bothers
you so much. Please feel free to ignore my future posts and future
work then so as not to waste your time.
Dude, please don't take it personally. I was just debating and defending
my point of view.
I never meant to attack
I don't understand this thread and what is new.
We all know it is rather hard to get protection from unknown threads,
and especially the unknown unknown. Competent administrator can try to
mitigate known unknown, eg common threats that may affect a software by
prevention.
In that way, patching is
stuff that would incite us to
read deeply the 200+ pages.
Regards,
phocean
On Friday 14 January 2011 at 10:16 +0100, Pete Herzog wrote:
Hi phocean,
On 1/14/2011 9:25 AM, phocean wrote:
I don't understand this thread and what is new.
What is new is how we are trying to show patching
such processes, but it is an organization problem. Not
a patch management one.
phocean
And this is after virtualisation ?
So you just need to move to a new datacenter :D
Good luck ;)
On Friday 14 January 2011 at 13:39 -0500, valdis.kletni...@vt.edu wrote:
On Fri, 14 Jan 2011 19:22:53 +0100, phocean said:
Second, companies using critical applications and serious about
2011 19:45:34 +0100, phocean said:
And this is after virtualisation ?
So you just need to move to a new datacenter :D
You priced one of those lately? Trust me, upper management notices that sort
of thing. ;)
Sure, what are the moderators doing ?
I am personally disgusted by this kind of stuff. They are some people
really sick, it is scary to see what humans and modern societies are
becoming.
Anyway, it is far too much and too frequent. So much that I consider
unsubscribing.
Aren't there any better
Here we go again ! This list looks so crazy...
How many psychiatric cases in the security industry ? What the hell do
you smoke ?
Are you burning out trying to understand assembly ?
Or, my 2 cents : one schizophrenic guy is behind all this : n3td3v,
Musntlive, Dave Nett, Andrew, Weev, ...
Le
No problem, it will be easy as I don't care about you and I am willing
to talk anymore about your business.
However, note that I was just referring to the fair amount of trolling
which has been made with your pseudo. So don't mistake : you are the
only responsible of what you have said and done.
So what ? I do care and I am also here.
I agree this is not the place for that.
But you don't need to give your opinion either, otherwise you do take
part into this conversation (and some people may feel insulted).
On Thursday 18 November 2010 at 20:53 +0100, Peter Osterberg wrote:
Please don't
Interesting... So you and Andrew are the same person!!
And I am not telling my life here, so I don't expect anyone to care
about who I am. You are just doing the opposite, so please don't compare
or insult me.
I am just a subscriber interested in security, not in someone's life or
law cases.
I
On Friday 12 November 2010 at 21:47 +0200, n...@myproxylists.com wrote:
Where is for example FORM auto-detection for those
other tools? Where is SOCKS4 proxy support? Where is proxy
randomization?
Where is logic to drop dead proxies? Where is logic for
fake-detection?
Then, you should