which reminds me, i've noticed there have been reports of new scans on port 25, 80, 8080, 8383 lately as well, i can provide more info on that if someone would like it.
Don > >-----Original Message----- > >From: [EMAIL PROTECTED] > >[mailto:[EMAIL PROTECTED]]On Behalf Of Don Weber > >Sent: Tuesday, July 30, 2002 8:36 AM > >To: [EMAIL PROTECTED] > >Subject: RE: [IMail Forum] > > > > > >Scott, i recall the original bugtraq post, and my understanding > >was that it > >was a full disclosure type of statement, as i understood it, he was > >explaining the problem, and sent source code to reproduce the > >problem, yes > >he sent a patch, but i didnt really feel that he was trying to get ppl to > >run that, i think he was being quite outright in giving the > >source code he > >used to create the patch, so that anyone could see that by viewing the > >source and compiling from the source, they get the same program, > >in which i > >have yet to see any evidence of that source or program > >containing a trojan, > >mayb i just read it differently, but the last i seen on bugtraq > >was IPswitch > >saying basically that there is no problem. this is what got my attention. > >personally i am about in the middle of full disclosure practices, I agree > >that informing the company to an extent is and should be > >attempted, but for > >some reason i think this guy was just looked over, i mean you can see, he > >reported a problem, and was told he was a hacker trying to get > >ppl to run a > >trojan, do you think it might be possible that he may have informed > >ipswitch, say, 2 weeks ago, and already got a response from them saying > >there was no problem, and therefore he posted to bugtraq, from what i see > >first hand in this matter is that, he reported an exploit and was told by > >the company that there is no problem. which leads me to blv that he would > >have got the same response had he followed standard procedure. look at > >bugtraq yourself, this is exactly what happened. > > > >Don > > > >> >-----Original Message----- > >> >From: [EMAIL PROTECTED] > >> >[mailto:[EMAIL PROTECTED]]On Behalf Of R. > >Scott Perry > >> >Sent: Tuesday, July 30, 2002 5:13 AM > >> >To: [EMAIL PROTECTED] > >> >Subject: Re: [IMail Forum] > >> > > >> > > >> > > >> >>i hope someone it ipswitch is paying attention to bugtraq, that > >> >guys seems > >> >>pretty convinced at least that there IS an exploitable hole. > >> > > >> >They definitely are paying attention, and have tried to > >> >reproduce the problem. > >> > > >> >I, however, can give very little credibility to a hacker that sends a > >> >program to thousands of people, trying to get them to run it, > >> >claiming that > >> >it is a patch. The standard procedure when finding a security > >> >hole is to > >> >inform the company that makes the product, give them time to > >fix it, and > >> >then post information about the hole. Bypassing the step of > >> >informing the > >> >company is very unprofessional, and sending a patch that is almost > >> >certainly a trojan horse -- well I'll let everyone come to their own > >> >conclusion about that one. > >> > > >> >FWIW, Ipswitch has a very good track record in dealing with > >*legitimate* > >> >security holes. > >> > > >> > -Scott > >> >--- > >> >Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for > >> >IMail. http://www.declude.com > >> > > >> >--- > >> >[This E-mail was scanned for viruses by Declude Virus > >(http://www.declude.com)] > > > > > >Please visit http://www.ipswitch.com/support/mailing-lists.html > >to be removed from this list. > > > >An Archive of this list is available at: > >http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > > > >Please visit the Knowledge Base for answers to frequently asked > >questions: http://www.ipswitch.com/support/IMail/ > > > > > >Please visit http://www.ipswitch.com/support/mailing-lists.html > >to be removed from this list. > > > >An Archive of this list is available at: > >http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > > > >Please visit the Knowledge Base for answers to frequently asked > >questions: http://www.ipswitch.com/support/IMail/ > > Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Please visit the Knowledge Base for answers to frequently asked questions: http://www.ipswitch.com/support/IMail/
