[Full-disclosure] Worm phone home site question

2005-09-27 Thread odinanne
210.240.39.40 tcp 2255, 5522, 9009 This is the phone home site for a worm found on the network. Any idea what service they are running on these ports or how to log in or register? This is the worm. http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM%5FSDBOT%2ECGYVSect=P

[Full-disclosure] Announce: RSBAC v1.2.5 released

2005-09-27 Thread Amon Ott
Rule Set Based Access Control (RSBAC) v1.2.5 has been released! Full information and downloads are available at http://www.rsbac.org RSBAC Key Features: * Free Open Source (GPL) Linux kernel security extension * Independent of governments and big companies * Several well-known and

Re: [Full-disclosure] Worm phone home site question

2005-09-27 Thread ggfirst
On 9/27/05, odinanne [EMAIL PROTECTED] wrote: 210.240.39.40 tcp 2255, 5522, 9009 This is the phone home site for a worm found on the network. Any idea what service they are running on these ports or how to log in or register? This is the worm.

Re: [Full-disclosure] Worm phone home site question

2005-09-27 Thread Michael Holstein
This is the phone home site for a worm found on the network. Any idea what service they are running on these ports or how to log in or register? Standard [AGO|SD|RX] bot stuff .. it's just an IRCd .. use mIRC, xCHAT, whatever ... The channels are always invisible and password protected.

[Full-disclosure] Re: Re: in-line coax monitoring device

2005-09-27 Thread Dave Korn
Original Message From: Volker Tanger Message-Id: [EMAIL PROTECTED] Greetings! Dave Korn [EMAIL PROTECTED] wrote: From: Alex Krycek Good evening...looking for an in-line coax monitoring device that will give me the ability to monitor/capture and decode all traffic The device you

Re: [Full-disclosure] CORE-Impact license bypass

2005-09-27 Thread Exibar
- Original Message - From: Marc Maiffret [EMAIL PROTECTED] To: Exibar [EMAIL PROTECTED]; c0ntex [EMAIL PROTECTED]; Josh Perrymon [EMAIL PROTECTED]; full-d[EMAIL PROTECTED] Sent: Monday, September 26, 2005 4:49 PM Subject: RE: [Full-disclosure] CORE-Impact license bypass snip As far

Re: [Full-disclosure] CORE-Impact license bypass

2005-09-27 Thread Bernhard Mueller
Exibar wrote: I didn't mean to imply that the consultants create their own exploits, not many I know could even begin to do that, only a couple are talented enough to do just that. Even for those very few, it's just not feasible from a time perspective. Much quick and cost effective to

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Joxean Koret
Well im agree with you, Zone-H really sucks! but why the fuck u think that U.S Security Services are able to act around all the world? Or u dont know any other country than .us ? EOO the rest of the world exists!!! zone-h is located in estonia and astaroth live in italia ... so call the

RE: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Richard Horsman
n3td3v, I would compare zone-h more to a newspaper than a terrorists site. Newspapers report what is happening in the world whether it's good news or bad news. Zone-h brings news about defacements and other security related issues, it does not encourage defacements. Richh -Original

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Joxean Koret
Yeah but zone-h defacement area its used to make defacing contest... One thing is to report that a interesting site have been defaced ... and other shit its support defacing groups breaking into in no-one-is-interested website On 9/27/05, Richard Horsman [EMAIL PROTECTED] wrote: n3td3v,I

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread n3td3v
On 9/27/05, J. Oquendo [EMAIL PROTECTED] wrote: On Tue, 27 Sep 2005, n3td3v wrote: Do newspaper sites ask suicide bombers to submit videos? They do so in subliminal ways. See the problem with most people is they don't want to see the darker sides of life. Out of sight out of mind. Forget

Re: [Full-disclosure] CORE-Impact license bypass

2005-09-27 Thread Martin Mkrtchian
I think automated tools should be used for penetration testing when it is possible. Why should the penetration tester use manual means and waste time? After all your average script kiddie will be using CORE like applications such as Metasploit to exploit a system. I do understand that for the techies

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread KF (lists)
Joxean Koret wrote: Yeah but zone-h defacement area its used to make defacing contest... So what... so was attrition and safemode... if its not them someone else will archive... -KF ___ Full-Disclosure - We believe in it. Charter:

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread n3td3v
On 9/27/05, Bart Lansing [EMAIL PROTECTED] wrote: SUICIDE bombers...typically DEAD. Tough to solicit videos from them, and rather pointless to keep a top ten list as they...well...can't exactly do it again. Suicide bombers typically aren't

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread str0ke
KF is right on the dot. There will always be a defacement site. /str0ke On 9/27/05, KF (lists) [EMAIL PROTECTED] wrote: Joxean Koret wrote: Yeah but zone-h defacement area its used to make defacing contest... So what... so was attrition and safemode... if its not them someone else

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread n3td3v
Not if the U.S security services decide to have a war on cyber terror sites. On 9/27/05, str0ke [EMAIL PROTECTED] wrote: KF is right on the dot. There will always be a defacement site. /str0ke

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Andre Ludwig
l33t UpZ 2 M4 P33PZ 1N #L33tHAX4lif3 S3Rv0R AdM1Nz!!! YUO N3#D 2 PaTcH Yu0z C0mPuT0rZ 4 D4 M4D H4x! M1cr0SoFt 1s D4 SuXz! I H4X 4 P00R P33pz C4Uz3 D3y B P00r 4nD K4Ntz HaX G00d!!!1!11!!!one!!shift+one!!!11!! 1 Iz T3H Ph34R MaKhin3! Sh00tz 2: n3td3v 4 acc3pt1ng m3z MySp4c3 Fr13nd

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Ken Pfeil
Since when does a website defacement classify as cyber terrorism? Name one person that has ever lost their life as a result of a website defacement. One would suggest you buy a fckin clue before letting fly with garbage like this. Ooohh... That's right. I'm sorry. Numbers *and* letters in

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Andre Ludwig
I think the security services are more concerned with the real deal than some douchebag who grabbed the latest mass defacer script from some .br. Again.. I would be more worried about the internal threat than some kiddy trying to swap my index.html with his l33t version. Dre On 9/27/05, n3td3v

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread str0ke
Terrorism doesn't always mean death my friend, here is the definition of terrorism. ter·ror·ism n. The unlawful use or threatened use of force or violence by a person or an organized group against people or property with

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Andre Ludwig
I prefer this definition cyber terrorism - Using electronic means to execute premeditated, politically motivated violence perpetrated against noncombatant targets by subnational groups or clandestine agents, usually intended to influence an audience. Note the use of the word violence.. taken

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread bkfsec
n3td3v wrote: Not if the U.S security services decide to have a war on cyber terror sites. Why are you on the Full Disclosure mailing list again? You do realize that the concept of Full Disclosure includes analyzing defacement sites and that there is, in fact, a legitimate reason to have

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread n3td3v
While politics of security -is- important. I also have a close relationship with research and engineering within communities. Your comments are less-than-researched in full, with respect of who I am and what my common values are. You probably judge people on this list a lot. n3td3v = 7 years of

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread eric williams
On 9/27/05, Ken Pfeil [EMAIL PROTECTED] wrote: Since when does a website defacement classify as cyber terrorism? Name one person that has ever lost their life as a result of a website defacement. I am not sure that we can know that. A site may be defaced in a way that is not advertised - as

RE: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Todd Towles
N3td3v wrote: I'm sure the feds have ways of detecting cyber terrorism, without the help of public sites like Zone-H. And if they don't, why? Agreed, so what are you complaining about again? Your first post was about how it was evil and how the government needs to do something about it. Then you

RE: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Todd Towles
24 - 7 equals 17. I don't think owning a computer equals security experience, do you? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of n3td3v Sent: Tuesday, September 27, 2005 1:24 PM To: full-disclosure@lists.grok.org.uk Subject: Re:

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread security curmudgeon
: Not if the U.S security services decide to have a war on cyber terror : sites. You aren't from the US are you? The idea that U.S security services can arbitrarily shut down a site outside the US, and that the FBI or anyone else *would* shut down a site, even in the US is a bit silly. Almost

[Full-disclosure] [ISR] - Novell GroupWise Client Integer Overflow

2005-09-27 Thread famato
|| || [ISR] || Infobyte Security Research || www.infobyte.com.ar || 09.27.2005 || .:: SUMMARY Novell GroupWise Client Integer Overflow Version: GroupWise 6.5.3, It is suspected that all previous versions of Groupwise Client are vulnerable. .:: BACKGROUND GroupWise Client is Novell's

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread bkfsec
J. Oquendo wrote: To offer single sided right winged Hitlerish views of his personal Nirvana of what security should be knowing little about it. Hahahaha... too true. I recall when Attrition was in their Heyday and some issues they ran into archiving defaced sites. I also take note of the

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread n3td3v
Zone-H is not a mirror. A mirror doesn't ask for its reflection. Zone-H is reflecting its self, and nothing else. On 9/27/05, security curmudgeon [EMAIL PROTECTED] wrote: As KF and str0ke said, there will always be a defacement mirror.

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Andre Ludwig
I figured it out.. N3td3v is trying to throw the SVR/GRU off his trail by acting like a whitehat(e) while he concocts his diabolical plan for world domination by releasing a multi vector aim/yahoo/msn 0day worm. n3t don't worry your secret is safe with me! Oops I did it again

[Full-disclosure] O-O-O

2005-09-27 Thread Frank de Wit
it's always amusing, out-of-office, attending a security conference hahaha, he has probably 7 years of experience too :-) ring ring ring this is the http://www.citco.com/ Amsterdam office speaking, can I help you? yes, my name is Kevin Burtch, i am your security administrator at the ICT-dept

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Andre Ludwig
1 pt for the red corner... (or do you fancy another color n3t?) While this has been a rather amusing thread i am afraid this will be my last pointless post in it. I know, i know my legions of adoring fans will now roam the streets with a complete lack of direction and general hatred for mankind.

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread n3td3v
Hey, you know too much about me. ;-) On 9/27/05, Andre Ludwig [EMAIL PROTECTED] wrote: I figured it out.. N3td3v is trying to throw the SVR/GRU off his trail by acting like a whitehat(e) while he concocts his diabolical plan for world domination by releasing a multi vector aim/yahoo/msn 0day

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Andre Ludwig
I know all because my real name is John Titor, and i was sent from the future. Timetravel_0 On 9/27/05, n3td3v [EMAIL PROTECTED] wrote: Hey, you know too much about me. ;-) On 9/27/05, Andre Ludwig [EMAIL PROTECTED] wrote: I figured it out.. N3td3v is trying to throw the SVR/GRU off

RE: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread security curmudgeon
: Nahh if it comes to world domination my money is on Jericho Forget the : defacement archive that's easy..Anyone who runs the site that has : managed to keep a fairly complete record of who has been sleeping with : who since 1996 including feds and a bunch of privacy freaks like : hackers

Re: [Full-disclosure] O-O-O

2005-09-27 Thread KF (lists)
Oh I see what you mean so logically n3td3v == d0uch3b4g Thanks for the math lesson! -KF n3td3v wrote: A math doesn't always consist of numbers. Logic and numbers out and in of math is important. The original math with numbers you learn at school is just an example of how to use that

RE: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Dominique Davis
Noted :) of all the intel networks and weird radars I have been on over the years that one's the only one with accurate intel and has come the closest to getting me killed :) *Many props* p.s didn't you used to maintain the chart? I must be getting old Dominique Davis aka Mister Mojo PivX

Re: [Full-disclosure] CORE-Impact license bypass

2005-09-27 Thread Andrew Simmons
Bernhard Mueller wrote: Exibar wrote: I didn't mean to imply that the consultants create their own exploits, not many I know could even begin to do that, only a couple are talented enough to do just that. Even for those very few, it's just not feasible from a time perspective. Much

RE: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Dominique Davis
Seven years huh ok that's pretty impressive.. What exactly constitutes corporate intelligence I have always been interested in the topic but never seem to be able to find anyone who can properly explain the concept and how the shadowy world of corporate intelligence works as it applies to Large

[Full-disclosure] Re: [ISR] - Novell GroupWise Client Integer Overflow

2005-09-27 Thread Crist J. Clark
On Tue, Sep 27, 2005 at 10:57:57AM -0300, Francisco Amato wrote: [snip] .:: DESCRIPTION This issue is due to a failure of the application to securely parse the saved port number of the last authentication store in windows register. To reproduce this, we have to modify the default

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Andre Ludwig
http://www.unitedmedia.com/comics/dilbert/archive/index.html All you need to know about the corporate world. Dre On 9/27/05, Dominique Davis [EMAIL PROTECTED] wrote: Seven years huh ok that's pretty impressive.. What exactly constitutes corporate intelligence I have always been interested in

Re: [Full-disclosure] O-O-O

2005-09-27 Thread Frank de Wit
who says i'm a l33t h4cker like you? wise ass :-*, i never was and never will be one now keep quiet netdeffie, you have mailed enough for one day and so have I n3td3v wrote: If you were a hacker, you wouldn't be looking at the attending a security conference but asking yourself, which

Re: [Full-disclosure] CORE-Impact license bypass

2005-09-27 Thread Valdis . Kletnieks
On Tue, 27 Sep 2005 17:53:58 +0200, Bernhard Mueller said: so what use is a pentest if the consultant isn't even talented enough to find / create exploits for unknown vulnerabilities? Quite a bit, actually. Consider every pen test ever done by a consultant who wasn't that talented, but who

Re: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Valdis . Kletnieks
On Tue, 27 Sep 2005 15:36:22 EDT, security curmudgeon said: http://attrition.org/hosted/sexchart/ Puts a whole new meaning to UUCP bang-paths. :)

RE: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Todd Towles
Do you think they still do the pizza thing? I bet that all those starbucks in downtown D.C. are the new intel meter. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, September 27, 2005 5:25 PM To: Dominique Davis

RE: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Dominique Davis
That will do nicely Dominique Davis aka Mister Mojo PivX Solutions, Inc. #23 Corporate Plaza Suite 280 Newport Beach, CA. 92660 (949) 999-1635 Office (949) 903-6523 Cell www.pivx.com Ticker Symbol: pivx -Original Message- From: Todd Towles [mailto:[EMAIL PROTECTED] Sent: Tuesday,

Re: [Full-disclosure] Re: Re: in-line coax monitoring device

2005-09-27 Thread fd
On Tue, 27 Sep 2005, Dave Korn wrote: Dave Korn [EMAIL PROTECTED] wrote: From: Alex Krycek Good evening...looking for an in-line coax monitoring device that will give me the ability to monitor/capture and decode all traffic The device you are looking for does exist. It's called a

Re: [Full-disclosure] CORE-Impact license bypass

2005-09-27 Thread fd
On Tue, 27 Sep 2005, Bernhard Mueller wrote: Exibar wrote: I didn't mean to imply that the consultants create their own exploits, not many I know could even begin to do that, only a couple are talented enough to do just that. Even for those very few, it's just not feasible from a

RE: [Full-disclosure] Third issue of the Zone-H Comics

2005-09-27 Thread Aditya Deshmukh
SUICIDE bombers...typically DEAD. Tough to solicit videos from them, and rather pointless to keep a top ten list as they...well...can't exactly do it again. Now the real entertainment begins Delivered using the Free