I think I have a candidate for a new signature: "nmap YOURSELF a new one where the sun don't shine, for all I care."
Thanks for the chuckle, John. John Hebert --- john beamon <[EMAIL PROTECTED]> wrote: > On Sat, 8 Jun 2002, John Hebert wrote: > > > > > Stereotyping? What exactly _do_ you call kids that > > wanna appear as 1337 h4x075 but can't figure out > for > > themselves how to actually break into a computer, > so > > they download somebody else's script that does it > for > > them? > > > > "open source software users"? ;-) > > That is the *only* tidbit I'm gonna contribute to > this conversation! > r00tkitting was the proposed subject of a LUG > meeting that got bitbucketed > a long time ago, so it's a valid subject. I totally > agree that one should > know basic security and a ton about their OS before > getting into this, but > that's entirely to preserve notions of "honor" and > "dignity", largely > absent in the use of r00tkits in the first place. > Am I curious? Yes. > Have I bothered yet? No. Did I use my own 1337 > 5Ki11Z to engineer a > CodeRed-host scanner for my last employer? Yes, > both out of curiousity > for the attack itself and a depth of knowledge about > the systems involved. > Grab a kit, read the docs, browse the source. Test > it on YOURSELF, > preferably unplugged from the internet and AFTER > you've grabbed cleansing > tools from Symantec or wherever. Know what it does > FIRST, before you > start depending on it for your education. I would > hate to grab someone's > worm, start playing with it without taking basic > precautions, and have it > reveal my Windows boxen to the author because I was > careless and 1337 and > 57VPID. > > A more useful approach, in the long run, would be to > find known holes in > old versions of wu-ftpd and sendmail, then exploit > them yourself. Find > out what's wrong with these broken old versions, > exploit them in a > controlled environment, WITHOUT relying on internet > scanning tools. nmap > YOURSELF a new one where the sun don't shine, for > all I care. There are > kits out there that run themselves, but the > mentality involved in running > them carelessly is what we all point and laugh at in > the closed-source > software world. Point-click, get careless, get > infected by the kid who > WROTE the darn thing because his tool calls home > with your IP address. > NOT the way to learn. Perfect way to get h0z3d. > > -j > > > _______________________________________________ > General mailing list > [email protected] > http://brlug.net/mailman/listinfo/general_brlug.net __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com
