Hello,
* On Thu, May 13, 2004 at 05:52:03PM -0400 [EMAIL PROTECTED] wrote:
So no, you can't take down an OFDM with a PDA that does 802.11b.
A card doing FHSS (that is, for 11g) might be enough. So, FHSS-802.11,
or, even better, because it hops faster, Bluetooth might be enough.
For 11a,
After all, nobody forces anyone to purchase and use MS Products. MS has been
selling imperfect products for years and people still continue to use them.
___
Full-Disclosure - We believe in it.
Charter:
You're a nazi...
A patriot would respect other countries and their laws...
I hereby invoke Godwin's Law and declare this thread dead.
-caelyx
-- Forwarded message --
From: van Helsing [EMAIL PROTECTED]
Date: Thu, 13 May 2004 19:58:18 +0200
Subject: Re: [Full-Disclosure]
--
C A L LF O RP A R T I C I P A T I O N
--
## Early Bird Rates available before June 1, 2004
Hello.
Earl Keyser wrote:
Let's be clear. Sasser violates networks and causes grief.
you missed one point: Sasser only violates *unpatched* networks, not
networks in general.
GTi
___
Full-Disclosure - We believe in it.
Charter:
[EMAIL PROTECTED] wrote:
Hello.
Earl Keyser wrote:
Let's be clear. Sasser violates networks and causes grief.
you missed one point: Sasser only violates *unpatched* networks, not
networks in general.
Point not missed at all.
Probing a network for vulnerabilities with the intent to use the
| I don't really see any question of ethics, morals, or legality here. The
| burgaler is at fault. Said intruder may not be guilty of theft, and may
| have had pure motives, but they're still plainly guilty of Tresspass and
| Breaking and Entering.
But trespass is only a civil offence and not
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I have detected some scans lookin' for the 5554 port (sasser's ftpd).
Does somebody know anything about a new worm, exploiting its
vulnerabilty?
Roberto a.k.a. Logan
There are no answers, only cross refernces.
--
That's the Dabber worm:
http://vil.nai.com/vil/content/v_125300.htm
Cheers,
Phil
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Roberto Navarro - TusProfesionales.es
I thought you all would be intersted in this..
Secretary of Energy Launches Initiatives To Bolster Security at Nuclear
Facilities
Improvements To Impact Cybersystems, Guard Force Protection, and
Consolidation of Nuclear Materials
AIKEN, S.C. - Secretary of Energy Spencer Abraham announced a set
Hi,
Orkut (http://www.orkut.com) is a social network in the net, where you
can meet new friends and connect your activities into communities.
it is like friendstar.
Now there is an orkut fake in the
wild named Orcut (http://www.orcut.com).
If you are a member of Orkut you receive messages with an
RandallM wrote:
Are you JOKING ME!! A WAKEUP CALL?? You are an idiot. They took deliberate
advantage of a release and already known exploit known by Microsoft!!
The only dam wakeup call should be to those who are capable to come to the
aid of mom and pops who just want to get their dam pictures of
[EMAIL PROTECTED] wrote:
On Thu, 13 May 2004 20:36:47 +0200, Gunter Luyten [EMAIL PROTECTED] said:
The model of a shared communications channel is a fundamental
factor in the effectiveness of an attack on this vulnerability.
For this reason, it is likely that devices
script type=text/javascript
Wnd = window.createPopup();
Wnd.document.body.innerHTML='meta http-equiv=imagetoolbar content=no';
/script
It crashs the latest IE with all patches. Dont see why it only seems to work for me
with only that META tag. Has anyone seen this before with
Hi
K-OTik published an exploit for sasser's ftpd :
http://www.k-otik.com/exploits/05102004.sasserftpd.c.php
Maybe you are seeing manual scans or a brand new worm.
Have a nice day
Maxime Ducharme
Programmeur / Spécialiste en sécurité réseau
- Original Message -
From: Roberto Navarro
hi FD,
I've read on zone-h that a group of hackers, called HAA, plans a massive
cyberattack against usa.
does anyone have heard about that ?
fred
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
As soon as your virus changes the content of any part of the system's
memory, be it the RAM or any other medium you have already manipulated
data and are guilty of the corresponding crime. It's as easy
as that. In
No it is not as easy as that. When I look at some random webpage, the
Hi!
I've read on zone-h that a group of hackers, called HAA, plans a massive
cyberattack against usa.
does anyone have heard about that ?
Can you define US in terms of internet routing ? Is there one US 'border' ?
There is networks, no US or Europe or anything on the net.
Bye,
Raymond.
On Fri, 2004-05-14 at 07:26, Roberto Navarro - TusProfesionales.es
wrote:
I have detected some scans lookin' for the 5554 port (sasser's ftpd).
Does somebody know anything about a new worm, exploiting its
vulnerabilty?
Perhaps the Dabber worm?
http://www.lurhq.com/dabber.html
Regards,
various snippage
Yes, but is it a crime that should be equated with holding hostages or
hijacking airliners?
Obviously no. Unless the -intent- (which you mention below) was to cause havoc on the
internet.
There is a bogus category of electronic terrorism, which is being subject to
the
Tobias, following your logic, the people who found and disclosed the
vulnerability that Sasser was abusing should be prosecuted together with
the author of the viral code.
What is the next stage? Jalining people who write proof of concept
exploit code? Punish Fyodor for writing nmap or maybe
-BEGIN PGP SIGNED MESSAGE-
__
SUSE Security Announcement
Package:mc
Announcement-ID:SuSE-SA:2004:012
Date: Friday, May
[SNIP}
--- Yes, but the context that he used implied that German laws are sane
and US laws are not. Not just one or two laws, but ALL laws. I took
offense to that. I see it time and time again where people are just into US
bashing for the sake of it. Just like saying that
Hello,
Anders B Jansson wrote:
[EMAIL PROTECTED] wrote:
you missed one point: Sasser only violates *unpatched* networks, not
networks in general.
Point not missed at all.
Probing a network for vulnerabilities with the intent to use the found
holes for sabotage (without the owners consent) is
Hi Nils,
On Fri, 2004-05-14 at 15:54, Nils Ketelsen wrote:
As soon as your virus changes the content of any part of the system's
memory, be it the RAM or any other medium you have already manipulated
data and are guilty of the corresponding crime. It's as easy
as that. In
No it is
Frederic Charpentier wrote:
hi FD,
I've read on zone-h that a group of hackers, called HAA, plans a massive
cyberattack against usa.
Imminent death of net predicted...film at 11?
does anyone have heard about that ?
There was a much-hyped hack the world competition last year (in July or
Roberto Navarro - TusProfesionales.es wrote:
I have detected some scans lookin' for the 5554 port (sasser's ftpd).
Does somebody know anything about a new worm, exploiting its
vulnerabilty?
Dabber worm :
http://www.theregister.co.uk/2004/05/14/dabber_worm/
The worm of the worm - all we need
I think you guys are talking about the Dabber worm.
http://vil.nai.com/vil/content/v_125300.htm
Exibar
- Original Message -
From: Maxime Ducharme [EMAIL PROTECTED]
To: Roberto Navarro - TusProfesionales.es [EMAIL PROTECTED];
[EMAIL PROTECTED]
Sent: Friday, May 14, 2004 10:01 AM
I can't post this to all the threads that I would like to, so I'm
opening a new one.
Follow this:
1. MS is wrongdoing by releasing (and charging for use of) software that
has bugs in it. Users of such software have losses in time/money by
trying to keep up with applying pathches, or just by
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Well, I'm having as much fun as many others seeing you people spitting on
each other. It has been really entertaining. Loads of fun.
But isn't this time to drop this thread ?
[]s
- --
Rodrigo Barbosa [EMAIL PROTECTED]
Quid quid Latine dictum sit,
Technically, there _is_ sort of a sense of national borders in cyberspace in
the form of what backbone providers own which IP blocks ane where they
geographically distribute them.
- Original Message -
Hi!
I've read on zone-h that a group of hackers, called HAA, plans a massive
Well, if I had to venture a guess I would think:
http://www.iana.org/assignments/ipv4-address-space
Would be most usefull in finding out who is where.
On Fri, May 14, 2004 at 04:13:25PM +0200, Raymond Dijkxhoorn wrote:
Hi!
I've read on zone-h that a group of hackers, called HAA, plans a
On Fri, 14 May 2004 14:19:12 BST, Randal, Phil [EMAIL PROTECTED] said:
That's the Dabber worm:
http://vil.nai.com/vil/content/v_125300.htm
It's really sad that Sasser has nailed *so many* machines that Dabber
is able to propagate.
Out in the real world, a virus that could only spread
On Fri, 14 May 2004 16:13:25 +0200, Raymond Dijkxhoorn said:
Hi!
I've read on zone-h that a group of hackers, called HAA, plans a massive
cyberattack against usa.
does anyone have heard about that ?
Can you define US in terms of internet routing ? Is there one US 'border' ?
There is
here the link to the zone-h news :
http://www.zone-h.org/en/news/read/id=4225/
Fred.
Raymond Dijkxhoorn wrote:
Hi!
I've read on zone-h that a group of hackers, called HAA, plans a massive
cyberattack against usa.
does anyone have heard about that ?
Can you define US in terms of internet
Hello Frederic,
Friday, May 14, 2004, 9:51:51 AM, you wrote:
FC hi FD,
FC I've read on zone-h that a group of hackers, called HAA, plans a massive
FC cyberattack against usa.
Hope they dont or they will be caught like flies.
FC does anyone have heard about that ?
I heard it from some script
So society is to blame I guess. This is the same brain-dead logic that concludes that
we
shouldn't arrest poor people who commit crimes.
Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
[EMAIL PROTECTED]
-Original Message-
From:
Hi!
I've read on zone-h that a group of hackers, called HAA, plans a massive
cyberattack against usa.
does anyone have heard about that ?
Can you define US in terms of internet routing ? Is there one US 'border' ?
There is networks, no US or Europe or anything on the net.
OK..
I am responsible for security in a small business' network (50-or-so
machines, most of them running MS OSs). I have been aware of MSS bulletins
as soon as they where out, and made sure to apply patches as specified.
Sasser did nothing to my offices' network. But, on the other hand, I have a
single
This is a great story. Someone is trying to raise money for the Sasser author via a website.
"After all, SASSER was intended as a harmless wake-up call to the world. "
http://story.news.yahoo.com/news?tmpl=storycid=74ncid=1212e=9u=/cmp/20040514/tc_cmp/20300950
As far as Hackers Again
Symantec Multiple Firewall DNS Response Denial-of-Service (PoC)
HOD-symantec-firewall-DoS-expl [-fi:str] [-tp:int] [-ti:str] [-n:int]
-fi:IPFrom (sender) IP address
-tp:int To (recipient) port number
-ti:IPTo (recipient) IP address
-n:int
whois registrations for both sites seem to be the same.
The ip addresses of both servers are 66.28.205.19 and .22
respectively.
I'm inclined to think that it's legit and they've
simply taken steps to stop what you believe is
happening.
-Original Message-
From: Nico Golde
Nobody asked the burglar to do this. He broke law. He caused damages.
And he certainly didn't improve your security by doing so when the door
vendor already offered a patch for your door two weeks ago.
if the burglar was a really a good guy he would have come over knocked your door, ring
your
On Fri, 14 May 2004 19:08:32 +0200, Raymond Dijkxhoorn said:
You list one nice example, and also one that is pointing to what i were
saying. microsoft is, if i am right, still akamized.
Sort of. Their DNS seems to be, but not their hosting.
% dig www.microsoft.com
gives us:
i have been getting a lot of emails twice. is any one on the list experiencing the
same problem?
-aditya
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
^wrongdoing^evildoing and you could use this to justify another Bush war :-)
G
On or about 2004.05.14 17:27:48 +, Radule Soskic ([EMAIL PROTECTED]) said:
I can't post this to all the threads that I would like to, so I'm
opening a new one.
Follow this:
1. MS is wrongdoing by
- Original Message -
From: Radule Soskic [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, May 14, 2004 11:27 AM
Subject: [Full-Disclosure] New therad: sasser, costs, support etc
alltogether
I can't post this to all the threads that I would like to, so I'm
opening a new one.
Umm,
I'm confused. Fairly new to the security scene, but, didn't
the worm come out AFTER the patch? I guess Microsoft could have
patched it sooner so that the worm could have come out sooner.
The biggest question I have is why all the hostility at Microsoft
for patching their
Hello John,
* John LaCour [EMAIL PROTECTED] [2004-05-14 21:57]:
whois registrations for both sites seem to be the same.
The ip addresses of both servers are 66.28.205.19 and .22
respectively.
I'm inclined to think that it's legit and they've
simply taken steps to stop what you believe is
On Fri, 2004-05-14 at 17:23, Konstantin Gavrilenko wrote:
Tobias, following your logic, the people who found and disclosed the
vulnerability that Sasser was abusing should be prosecuted together with
the author of the viral code.
Why is that? Did they break German law? Are they responsible
Guys, I request you all to please stop
this thread. There is no need to fill up mailboxes with some non-sense
topic.
Let's maintain the quality of the list
by posting something useful to all.
thnx,
Manu Garg
http://manugarg.freezope.org
[EMAIL PROTECTED] wrote on 05/14/2004
11:06:57 PM:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- Original Message -
From: Paolo Mattiangeli [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, May 14, 2004 5:41 PM
Subject: Re: [Full-Disclosure] Sasser author
I am responsible for security in a small business' network (50-or-so
machines, most of them running MS OSs). I have
On or about 2004.05.14 16:37:01 +, Frederic Charpentier ([EMAIL PROTECTED]) said:
here the link to the zone-h news :
http://www.zone-h.org/en/news/read/id=4225/
Oooh, Famous Brazilian newspapers have been informed... - not infamous
Brazilian newspapers or those crappy Brazilian
Hi Radule,
On Fri, 2004-05-14 at 17:27, Radule Soskic wrote:
I can't post this to all the threads that I would like to, so I'm
opening a new one.
Follow this:
1. MS is wrongdoing by releasing (and charging for use of) software that
has bugs in it. Users of such software have losses in
http://www.iana.org/assignments/ipv4-address-space
On Fri, May 14, 2004 at 12:32:51PM -0400, [EMAIL PROTECTED] wrote:
On Fri, 14 May 2004 16:13:25 +0200, Raymond Dijkxhoorn said:
Hi!
I've read on zone-h that a group of hackers, called HAA, plans a massive
cyberattack against usa.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Radule Soskic
1. MS is wrongdoing by releasing (and charging for use of) software that has bugs in it.
My parents are at fault for not creating a child with a body that can
withstand/deflect bullets.
2.
--- Konstantin V. Gavrilenko wrote:
snip snip
My personal opinion is that more blame should be put on M$. But where
would the security industry be if not for Microsoft's products :)
But Microsoft released a patch for the security hole that was found, I
don't care if it was 5 days or 5
Lets try this again. the last two attempts were rejected by some lousy
filter.
http://www.iana.org/assignments/ipv4-address-space
On Fri, May 14, 2004 at 12:32:51PM -0400, [EMAIL PROTECTED] wrote:
On Fri, 14 May 2004 16:13:25 +0200, Raymond Dijkxhoorn said:
Hi!
I've read on zone-h
I agree highly with point's 2 and 3 but not so much with point 1. If MS
is wrong by releasing buggy software then so is Sun, Ibm, Cisco, Every
Linux vendorhell anybody who has ever written a piece of software.
Now I am not trying to flame, and I am not a MS fan at all but lataly I
have been
any firewall even the one inside xp would have stopped sasser and you
would have been able to patch at your leisure.
Paolo Mattiangeli wrote:
- Original Message -
From: Paolo Mattiangeli [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, May 14, 2004 5:41 PM
Subject: Re:
Hi all,
I'm a student doing a research paper on the IDS/IPS industry, from the perspective of analyzing products - what works and what doesn't, and also analyzing vendors - who will succeed. Anyone had good/bad experiences with these vendors? (Your response will be kept strictly confidential.)
[EMAIL PROTECTED] wrote:
Anders B Jansson wrote:
And stop this silly mumbling about Sasser being created as warning or
heads up.
That's your *interpretation*, not what I said. And this interpretation
is *wrong*.
No, it's not an interpretation, it caused havoc, that's a fact.
If it had been
You are making the assumption that Microsoft knew of the bugs that caused
Sasser before they released the software. If any manufacturers of any goods
had to be sure that there were no possible defects before they started
selling it, you would never have anything on sale.
There is no such thing
Title: wednesday
Re-finance now, even with bad-credit!
*Best Re-finance Rate for credit challenged.
*Best Customer Service
*Lowest Interest-Rates in Years
*SAVE n100-p400 per month
Our easy application only takes 1 minutes.
Visit here for more information
I'ts not really that simple though.
Ok, this guy has 50 or so machines on a (assumed) flat network. He's
running Checkpoint-1 firewall and blocking all not-needed ports, etc etc.
He feels that because he has a firewall blocking the Sasser ports at the
only internet ingress/egress point that
Title: rxspecials.biz
Hi Full-disclosure,
Our online store is the place to find many prescription drugs without a prior prescription.
Always Available: & X_A_Nax . V|AGR@ ? Val.i.um \ S:o:ma ( Pnt3rmin = A.t|[EMAIL PROTECTED]
Plus: S'0naTa, Fl'3xeril, C.e|3brex, Fi0:ric3t, [EMAIL
Hi!
i have been getting a lot of emails twice. is any one on the list experiencing the
same problem?
-aditya
Yes, same here.
Looks someone is re-mailing them ?
Bye,
Raymond.
___
Full-Disclosure - We believe in it.
Charter:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200405-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
William Warren to Paolo Mattiangeli's grizzle about being Sasser'ed at
home:
any firewall even the one inside xp would have stopped sasser and you
would have been able to patch at your leisure.
And, depending on your network architecture, it can be even easier than
that. Why would any
QUESTION:
If a tree falls in the woods where no one is around to hear it does it make
a sound?
If there wasn't someone looking for bugs or exploits would there be any?
In a perfect world this list wouldn't exist.
___
Full-Disclosure - We believe
71 matches
Mail list logo