Re: [Full-disclosure] For Sale: Security Vulnerability Database Company

Thu, 09 Mar 2006 13:15:03 -0800

Thats a complete exaduration actually, theres no query on the group that would come up with 5,000 results. The n3td3v group engine is pretty accurate, and displays perfect technical detail documentation, and additionally, (if required) can offer related and even off shoot background discussion into a particular vulnerability at the time of its disclosure. To say an ntp search would come up with 5,000 unrelated results is completely barbaric. I think the source to your hatred is with the founder ('n3td3v') rather than the group its self which offers a great resource to anyone in the security field. Of course, if you can provide conclusive evidence to the contrary, do get in touch with the list, providing indepth audit information relating to your claim.

[EMAIL PROTECTED] wrote:
On Wed, 08 Mar 2006 05:46:03 PST, System Outage said:

> Why would someone buy a security vulnerability database company? Theres
> already free security vulnerability databases out there. Try this one I
> recently found, you can search for anything you want http://groups.google.com/
> group/n3td3v and its free.

Geez. Somebody hand me a sharp wooden stake, a good mallet, and some garlic
and holy water just in case... ;)

I'm sure you can *search* for anything you want there. The value of a database
is, however, directly related to its ability to return useful information.

5,000 postings that all say "wow leet hole in ntp a few years ago" is worth
nowhere near as much as one detailed technical posting of how that exploit
leveraged a one-byte buffer overrun into a complete rooting of the box....

Brings words and photos together (easily) with
PhotoMail - it's free and works with Yahoo! Mail.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Reply via email to