wow... No more words!!! 2006/2/11, Dave Feustel <[EMAIL PROTECTED]>: > > On Saturday 11 February 2006 10:59, Roman Hunt wrote: > > > > Dude what is your major f*&^%! malfunction? Years ago this sh!^ would've > > never been allowed to fly on this list. > > Sorry. I don't intend to offend or to irritate. Just out of curiosity, how > old are you? > Also, to which post are you referring? > > > Maybe you think that posting all this ridiculous shit is funny but it's > > really not. > > Actually, I don't think it's rediculous or funny, but you have a right to > your opinion and > also to express it. > > > Go take a class at a community college and learn the basics before you > post > > again. > > I may well be the only person in Fort Wayne using OpenBSD or even > pretending to know anything about it. > I am not aware of any courses in BSD around here. > > > PLEASE! And definitely stop wasting your time trying > > To discover how to exploit systems you are unable to comprehend. > > Actually, I am in defensive mode. My system is clearly being penetrated. > I am trying to find and plug the holes. So far running pf with a block in > all' seems to > be the most effective defense. I opened up port 80 to run Apache, but I > started having problems again, so I went back to the 'block all' rule. > I've found and reported to kde and misc a security problem in the way > kde is currently ported to OpenBSD. The kde developers understand the > problem > and, last I heard, had a fix in the pipeline. I've got a kludge fix for > that problem now. > But I am still seeing signs of intrusion, so there are either still > unblocked (kde or x11) holes > that I haven't found that provide intruders with at least user privileges, > or my system > was rooted at some point in the past and will continue to be rooted until > I either reinstall or > upgrade to 3.9 sometime after May. Today I found two attempts to access > port 6000. > One from China, the other from Korea. > > > That said.... If you ever need serious system administration help for a > > serious issue (not one you make up when you are all paranoid and gunning > > to be a BIG HACKER HERO) then feel free to ask me and I'll be happy to > help. > > I have no interest in being a cracker. I've looked at what is typically > involved in > cracking a system or creating shell code and I have no interest in > spending my > time doing either, although I have more than enough experience with x86 > assembly > code for that time-wasting activity. I have other projects that I need > to spend time on. Are you interested in general relativity, > electromagnetism, or > tensors? I definitely need help with tensors. > > And I do appreciate your offer of help. I only wish it weren't so hard to > explain things by > email. > > Dave > > - > > Roman > > > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf > Of > > Dave Feustel > > Sent: Saturday, February 11, 2006 6:04 AM > > To: misc@openbsd.org > > Subject: X11 exploit info > > > > > > at http://www.hackinglinuxexposed.com/articles/ > > is a 3-part series on X-11 exploits which those who > > think they understand x11 security might wish to > > read and comment upon. I clearly don't understand > > x11 security so I have no comments, but I will read > > with great interest comments by anyone else. > > > > 05-Jul-2004: SSH Users beware: The hazards of X11 forwarding Logging > into > > another machine can compromise your desktop... > > > > 08-Jun-2004: The ease of (ab)using X11, Part 2 > > Abusing X11 for fun and passwords. > > > > 13-May-2004: The ease of (ab)using X11, Part 1 > > X11 is the protocol that underlies your graphical desktop environment, > and > > you need to be aware of its security model. > > > > Dave Feustel > > -- > Lose, v., experience a loss, get rid of, "lose the weight" > Loose, adj., not tight, let go, free, "loose clothing" > >
-- Abragos Ricardo Lucas We have to stop been egoist and think more on ourselves.