1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc?
yes, some do. The three most common forms of viral use of IRC that I see are:
1. Virus/worm/trojan writers have it connect to a server and notify a
channel that it has infected xx.xx.xx.xx. This is an attempt to keep
--On Friday, November 19, 2004 01:12:31 PM -0500 Crotty, Edward
[EMAIL PROTECTED] wrote:
I'm not a Win based guy (troll?) - Un*x here - and even I was offended by
#1.
There is such a thing as runas for Windows.
That's not all.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
Sorry to offend those that use IRC legitimately (LOL - find something
else to chat with your buddies), but why the hell are we not pushing
to sunset IRC?
because you can't, i'm not sure what you think IRC is.. but it isn't
one network run by a few geeks. It's thousands of networks accross
ive never seen so many repetitive and knee-jerk reactions to one
[potentially baseless] post in all my years of watching FD [the
obvious exceptions being the OT political nonsense occurring here,
especially as of late] as witnessed during my reading of this thread.
but moving right along ... :D
On Fri, 19 Nov 2004 17:10:13 -0500, Tim
[EMAIL PROTECTED] wrote:
My mistake; I was referring to the discussion, collaboration, and
creation, not the spread.
You mentioned DDoS attacks below. I don't believe that use is a form of
discussion, collaboration, or creation.
Some say we
james edwards wrote:
It is not IRC that is the problem, it is the people on IRC that cause
problems.
Guns don't kill people all by by themselves; people kill people.
but it's the holes they make that really do 'em in, no? %-)
--
dk
___
Danny [EMAIL PROTECTED] wrote:
What would IT be like today without IRC (or the like)? Am I narrow
minded to say that it would be a much safer place?
To be honest: Yes, i think it is quite narrow-mindet to say that.
Sure, there are some scriptkiddies and crackers who organize
themselves
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200411-29
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200411-28
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
On 19 Nov 2004, at 18:40, Jeremy Davis wrote:
Are you able to change root's name in nix?
Sure. There's no reason why not.
Why not if the answer is no?
(Things would break right? UID 0?) Knowing the account name is
two-thirds of the battle.
A much better system is to have root's password unset
The fact that it is an open protocol makes it easy to spot, you don't
look for specific ports you look for specific behavior (i.e. - privmsg)
Not that I'm saying this should be done. IRC is used by many ppl in very
good ways!
I'm just saying that the two points shouldn't be confused. SSL is a
phpBB 2.0.10 execute command by pokleyzz pokleyzz at scan-associates.net
http://www.securitylab.ru/49574.html
Dude, mplayer2 rulez!! I use it to play all sorts of things. =) I'm
glad they left it there... the newer MS media player is just bloat.
Media Player Classic (that comes with RealAlternative and QuickTime
Alternative) is another one of my favs. =D
Yeah, not really anything to do with the topic,
Well, fellow F-D'ers, thanks to the vast array of intelligence and
experience found on this list, my rant about abolishing IRC has been
proven to be far from a solution.
I..can't tell if it's sarcasm or not, damn those trolls and their mind
poisoning ways.
--
zxy_rbt2
On Fri, 2004-11-19 at 12:40 -0500, Danny wrote:
Well, it sure does help the anti-virus (anti-malware) and security
consulting business, but besides that... is it not safe to say that:
1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc?
Not as much as email does. What
On Fri, 19 Nov 2004 14:39:13 -0600, Bowes, Ronald (EST)
[EMAIL PROTECTED] wrote:
How does it infect somebody if it's using a .txt file?
They (peoples uneducated in Windows file extenstions) think it's a txt file.
...D
___
Full-Disclosure - We believe
ok greg drop another tab
On Fri, 19 Nov 2004 08:27:27 -0800, Gregory Gilliss
[EMAIL PROTECTED] wrote:
Yeah, I'd like for my country to accummulate all the available computer
security knowledge too...one heck of a competative advantage to have.
Registrant:
Alon Swartz
Har Sinai St
Paul Schmehl wrote:
Even *if* they are correct (which is at least debateable) the 130,000 vote
discrepancy they argue for won't overcome Bush's lead of 380,000, so this
is, at best, an academic exercise.
If they are even possibly correct a discrepancy that large must be
investigated to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Adam == Adam Jacob Muller [EMAIL PROTECTED] writes:
Adam Rot 13 may not be strong but rot12 is. I once posted a
Adam string that I only rotated 12 chars to my blog and it took a
Adam month before anyone figured it out that probably
On 19 Nov 2004, at 10:50, Anders Langworthy wrote:
Pavel Kankovsky wrote:
Now the other possibility: That somebody discovers a better way to
factor primes (please don tinfoil hats before replying to tell me that
the NSA has already done this, in Area 51, with help from Elvis).
Mathematically,
Is IRC bad? Yes.
Is SMTP bad? Yes.
Why? Because they are simple and basic protocol implementations
created decades ago. Not that they aren't efficient and easy, but
they certainly have their shortcomings in terms of security and AAA.
Yes, people can certainly switch to other mediums which
Andrew Farmer wrote:
nitpick
Factoring primes is a solved problem. You probably mean factoring the
product of two large primes.
/nitpick
Oops.
Andrew is absolutely correct. I apologize if anybody was confused about
the distinction. I should have proofread.
//Anders
On Fri, 19 Nov 2004 22:48:46 +, Andrew Smith [EMAIL PROTECTED] wrote:
Well, fellow F-D'ers, thanks to the vast array of intelligence and
experience found on this list, my rant about abolishing IRC has been
proven to be far from a solution.
I..can't tell if it's sarcasm or not, damn
Thanks list for the good discussion, now I going back to read crypto basics :)
Thanks regards,
Gautam
Yo Gautum!
On Fri, 19 Nov 2004, Gautam R. Singh wrote:
I was just wondering is there any encrytpion alogortim which expires wit
h time.
IPSec, kerboros, etc. all use time as part
been on yahoo lately? or AOL channels or hell how bout gnutella?
-Original Message-
From: Danny [mailto:[EMAIL PROTECTED]
Sent: Friday, November 19, 2004 2:53 PM
To: Keith Pachulski
Cc: Mailing List - Full-Disclosure
Subject: Re: [Full-Disclosure] Why is IRC still around?
On Fri, 19 Nov
Let s play, on Wednesday 17, Nov - Secunia released the advisory Microsoft
Internet Explorer Two Vulnerabilities, related to a vulnerability discovered by
cyber flash. This file download security warning bypass (unpatched) flaw could
be exploited to download a malicious executable file
how bout because it is entertaining and it is an easy way to communicate with a
large group of ppl at once
-Original Message-
From: Danny [mailto:[EMAIL PROTECTED]
Sent: Friday, November 19, 2004 12:40 PM
To: Mailing List - Full-Disclosure
Subject: [Full-Disclosure] Why is IRC still
Well if hacking Windows cold across a tcp/ip service such as web this may be
helpful, but it doesn't require much more than that to figure out what the
admin account is for a given machine.
joe
--
Pro-Choice
Let me choose if I even want a browser loaded thanks!
-Original Message-
Devis:
I guess you probably mean me. I don't take offense to it though as you
aren't really technically correct but I understand where you are trying to
come from (I think) and trust that you believe what you say versus just
being a zealot and thinking anything but Windows.
1. The first account
Danny: there's not need to keep replying, this is a mailing list.
Here's what happens:
1) Question posted.
2) Valid replies posted.
3) 30-40 others repeat replies at 2)
4) In come the trolls..
--
zxy_rbt2
___
Full-Disclosure - We believe in it.
I agree with your initial comment, they can both be changed. I also agree
they both do little.
I don't agree that the hardcoding in the source does anything for you.
--
Pro-Choice
Let me choose if I even want a browser loaded thanks!
-Original Message-
From: [EMAIL PROTECTED]
On 15/11/2004, at 22:50, Stuart Fox ((DSL AK)) wrote:
Can the Firefox settings be controlled centrally?
Yes, and more flexible than IE versions zoo at user computers.
Download
a Firefox ZIP (not Firefox_Setup_1.0.exe but Firefox 1.0.zip), unpack
it
to R/O share on file server, edit JS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yo Gautum!
On Fri, 19 Nov 2004, Gautam R. Singh wrote:
I was just wondering is there any encrytpion alogortim which expires wit
h time.
IPSec, kerboros, etc. all use time as part of the auto-generated session
key to prevent playback attacks.
If
In the last year or two of subscribing to FD, that is the single most idiotic
statement I have ever read.
-Original Message-
From: [EMAIL PROTECTED] on behalf of Danny
Sent: Fri 19/11/2004 17:40
To: Mailing List - Full-Disclosure
I think if the main design of any system was run as mortal and do runas for
things that need more, you would have a system that by default, NEVER
allowed interactive logon to an account that does more. Further it wouldn't
let you change that code to allow it. Heck I would even take it further and
there is some great stuff developed on irc. have you ever used a
cvsbot? I just love those check-in privmsg notifications.
chris
==
'when all you have is a nail-gun, every problem looks like a messiah'
Danny wrote:
On Fri, 19 Nov 2004 17:10:13 -0500, Tim
[EMAIL PROTECTED] wrote:
My mistake; I
On Fri, 2004-11-19 at 17:40, Danny wrote:
Well, it sure does help the anti-virus (anti-malware) and security
consulting business, but besides that... is it not safe to say that:
1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc?
2) A considerable amount of script
Danny wrote:
Well, it sure does help the anti-virus (anti-malware) and security
consulting business, but besides that... is it not safe to say that:
1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc?
2) A considerable amount of script kiddies originate and grow through
Micheal Espinola Jr wrote:
Is SMTP bad? Yes.
Why? Because they are simple and basic protocol implementations
Are or were ? smtp supports tls for example (I dropped irc because I
have very little knowledge about it).
Not that they aren't efficient and easy, but
they certainly have their
On Sat, 2004-11-20 at 08:20, joe wrote:
I agree with your initial comment, they can both be changed. I also agree
they both do little.
I don't agree that the hardcoding in the source does anything for you.
Well, it *allows* you to change the ID of the superuser account to
something else.
On Fri, Nov 19, 2004 at 04:19:49PM -0600, Paul Schmehl wrote:
Windows has several groups. By default users are in
the USERS group, *not* the ADMINISTRATORS group.
On every XP install that I've seen from every major OEM (Dell, Compaq,
Gateway, etc) fast user switching is on by default and
On Fri, 19 Nov 2004 13:54:30 -0500, bkfsec [EMAIL PROTECTED] wrote:
Danny wrote:
Well, it sure does help the anti-virus (anti-malware) and security
consulting business, but besides that... is it not safe to say that:
1) A hell of a lot of viruses/worms/trojans use IRC to wreck further
On Fri, 19 Nov 2004 14:47:31 -0500, Keith Pachulski [EMAIL PROTECTED] wrote:
how bout because it is entertaining and it is an easy way to communicate with
a large group of ppl at once
So that trumps it's infestion of illegal activites?
...D
___
On Fri, 19 Nov 2004 11:22:31 EST, KF_lists said:
Any new features / functionality?
Oooh.. new features/functionality in software intentionally designed to be
malware (as opposed to the misfeatures and misfunctions shipped in the
unintentional malware shipped by all too many vendors). Even
On Friday 19 November 2004 3:31 pm, Poof wrote:
Wow, NICE analogy Jeff!
While IRC is here to stay... The future seems more like servers that're
only hosted through big companies/etc as most datacenters are 'forbidding'
use of IRC(Ports 6660-6669, 7000) on their network.
As any other service,
Might as well ask yourself Why are trolls like me still around?
Hooked 'em good, monkey. :o)
On Fri, 19 Nov 2004 12:40:26 -0500, Danny [EMAIL PROTECTED] wrote:
Well, it sure does help the anti-virus (anti-malware) and security
consulting business, but besides that... is it not safe to say
If you are on the box, having changed the name of the Admin is useless.
Naming doesn't safe you from a lot...a simple registry pull in Windows
will get you all the hashed passwords.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Jeremy Davis
Gautam R. Singh [EMAIL PROTECTED] wrote:
I was just wondering is there any encrytpion alogortim which expires
with time.
For example an email message maybe decrypted withing 48 hours of its
delivery otherwise it become usless or cant be decrypted with the
orignal key
No. Think about it for a
This is true. It will also play many other types of files (with
something like ffdshow) that WMP 9/10 can, although it will do so with
about have the memory footprint and start twice as fast. Gotta love
upgrades. =/
I moved more to BS Player, as it's pretty quick and comes with all the
bells and
Vincent Archer wrote:
Other apps flatly refuse to work with anything but IE. None of these
are strictly web applications anymore - they are applications that use
an UI processor, which happens to be the HTML processor as well.
You see, this is precisely the problem.
HTML processors in web
Dell gives the full OS cd and then a separate drivers CD, at least on
the business side. Not sure about the home side.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mike Hoye
Sent: Saturday, November 20, 2004 7:19 AM
To: [EMAIL PROTECTED]
I think its about time to sunset this discussion, how many people need to
send emails saying the same thing?
- Original Message -
From: Keith Pachulski [EMAIL PROTECTED]
To: Danny [EMAIL PROTECTED]; Mailing List - Full-Disclosure
[EMAIL PROTECTED]
Sent: Friday, November 19, 2004 2:47 PM
Anders Langworthy wrote:
snip
Whoops, should have proofread. I meant to say factoring to primes, not
actually factoring prime numbers (which I think we can all agree is both
P and NP :-)
//Anders
___
Full-Disclosure - We believe in it.
Charter:
hello list
Sometimes ago I have examined the websites of many
Government's if it's possible to put malicious code
in their URLs. In November 2004 I inform some
Deparments about my successful work.
On most Sites it is possible to:
- inject SQL
- account hijacking
- user exploitation
- server
Ohh don't worry I am not knocking it. The 6.4 version will play some of
those AVI files that the version 9 and 10 won't play because of codec
stuff, kinda of funny. =)
-Original Message-
From: GuidoZ [mailto:[EMAIL PROTECTED]
Sent: Saturday, November 20, 2004 1:15 AM
To: Todd Towles
joe [EMAIL PROTECTED] wrote:
[1] Don't get me started on MCSEs. As a whole I
think they hurt Windows far
more than any other thing. A bunch of people who
feel they are experts in
Windows because they took a couple of tests that 10
year olds could memorize
and pass and yet still not be able to
Correct me if I'm wrong (which I know the list members will take me up
on that), the FD mailing list is about *discussing* vulnerabilities
and revealing important information to the community. This post seems
to comment on general problems with general products--so general in
fact that the
I use WinAmp for Music and the Microsoft stuff for Video...I don't do a
lot of video stuff. The lastest Winamp is pretty nice. I can always
stream shoutcast or video to my XBOX so..lol
-Original Message-
From: GuidoZ [mailto:[EMAIL PROTECTED]
Sent: Saturday, November 20, 2004 3:03 PM
They do the same on the home side. (Well, at least they did last time
I bought a Dell laptop. Been a few years.) I was going to point this
out too but you beat me to it. =)
--
Peace. ~G
On Sat, 20 Nov 2004 14:44:41 -0600, Todd Towles
[EMAIL PROTECTED] wrote:
Dell gives the full OS cd and then
On Sat, 20 Nov 2004 09:58:48 -0500, ntx0f [EMAIL PROTECTED] wrote:
I think its about time to sunset this discussion,
Sunsets are nice to watch in the summer months over here.
Thanks,n3td3v
http://www.geocities.com/n3td3v
___
Full-Disclosure - We
Neither viewpoint is 100%. But, over-all I would have to agree with
joe. MCSE's (in my experience) are typically not worth the credit
[automatically] applied to them - not unless they have the experience
to back it.
That is of course true for any certification in any industry. MCSE's
are easy
-Original Message-
From: Danny [mailto:[EMAIL PROTECTED]
Sent: Friday, November 19, 2004 12:40 PM
To: Mailing List - Full-Disclosure
Subject: [Full-Disclosure] Why is IRC still around?
Well, it sure does help the anti-virus (anti-malware) and security
consulting business, but besides
hello list
Sometimes ago I have examined the websites of many
Government's if it's possible to put malicious code
in their URLs. In November 2004 I inform some
Deparments about my successful work.
On most Sites it is possible to:
- inject SQL
- account hijacking
- user exploitation
- server
I never said it wasn't working - I said it leaves much to be desired. =)
I prefer the convienance of CookieCuller personally. I can easily,
with one click: view all cookies, remove all cookies, or keep only
certain cookies. It even comes with a handy little cookie icon I have
nested after the
--On Friday, November 19, 2004 1:15 PM -0600 [EMAIL PROTECTED] wrote:
Paul, do you really feel that as long as the (potentially) fraudulent
votes did not change the outcome (as far as we know...knowing absolutely
nothing for certain at this point) it's perfectly ok that a method for
fixing the
On Fri, Nov 19, 2004 at 12:40:26PM -0500, Danny wrote:
5) The anonymity of the whole thing helps to foster all the illegal
and malicious activity that occurs?
You answered yourself. Because such mostly unregulated, seminanonymous
medium is needed. You have problem with unpatched machines?
Daniel Veditz [EMAIL PROTECTED] wrote:
From: Daniel Veditz <[EMAIL PROTECTED]>To: Paul Schmehl <[EMAIL PROTECTED]>CC: Jason Coombs <[EMAIL PROTECTED]>, [EMAIL PROTECTED],[EMAIL PROTECTED]Subject: Re: [Full-Disclosure] University Researchers Challenge Bush Win InFloridaDate: Fri, 19 Nov 2004
Danny wrote:
Well, it sure does help the anti-virus (anti-malware) and security
consulting business, but besides that... is it not safe to say that:
1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc?
2) A considerable amount of script kiddies originate and grow
On Fri, 19 Nov 2004 14:55:12 -0500, Keith Pachulski [EMAIL PROTECTED] wrote:
been on yahoo lately? or AOL channels or hell how bout gnutella?
Do they organize zombies, foster the creation of backdoors, round up
DoS attacks?
Sure, getting rid of the big piracy rings would be nice, but I am
Hi guys / gals,
Had a conversation tonight, and have been reading the IRC
threads and wondered if anyone could answer the following.
In the following scenario; you are a business, is IRC logs
of conversations and lists of hosts be help up in a court of law if a client
you spoke to
topic:
read out user-specific words in mobile-phones with T9 input for sms
(short message service)
tested on:
some nokia and siemens (gsm)mobiles
howto:
Just enter one character (a,d,g,j,m,p,t,w). now press the key who
switches normally the words (if there is more than one possibility).
you
--On Saturday, November 20, 2004 8:19 AM -0500 Mike Hoye
[EMAIL PROTECTED] wrote:
On every XP install that I've seen from every major OEM (Dell, Compaq,
Gateway, etc) fast user switching is on by default and every user is
an administrator. Not on most; on every single one.
Furthermore, these
A google search for 'GET /M83A' finds lots of 'awstats' pages reporting
this, as well as some discussions, but no on seems to have an answer.
Is this a vulnerabilities scanning tool signature?
The preamble of a p2p file sharing network?
An attack against some undisclosed application?
Scan your
When can we expect more like this from the
super ereet catholic kid security? (SECKS)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of gp
Sent: Saturday, November 20, 2004 10:51 AM
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] Secret Vulns: Places of
Program: Sacred (pc game)
http://sacred-game.com
type: simple DoS, no client-auth
affected version: 1.0.6.2
note:
-fixed in later versions (1.0.7.0) (dated:31.08.2004)
-this security-lag exits for nearly half a year. although ascaron was
informed at the date of release (02.03.2004), nothing
--On Friday, November 19, 2004 2:30 PM -0800 Daniel Veditz
[EMAIL PROTECTED] wrote:
Paul Schmehl wrote:
Even *if* they are correct (which is at least debateable) the 130,000
vote discrepancy they argue for won't overcome Bush's lead of 380,000,
so this is, at best, an academic exercise.
If
--- n3td3v [EMAIL PROTECTED] wrote:
I wish it was possible, but it just wouldn't work.
The hackers would
move onto the next best chat system, whatever that
may be at the time.
For it ever to work, you would need to ban all chat
communications and
peer 2 peer on the internet, and thats
IRC is still around because it does one thing.
It proves that Einstein was right about stupidity: it
is infinite.
[frank] can you help me install GTA3?
[knightmare] first, shut down all programs you aren't
using
frank has quit IRC. (Quit)
[knightmare] ...
Paul Schmehl wrote:
--On Friday, November 19, 2004 01:12:31 PM -0500 Crotty, Edward
[EMAIL PROTECTED] wrote:
I'm not a Win based guy (troll?) - Un*x here - and even I was
offended by
#1.
There is such a thing as runas for Windows.
That's not all.
-Original Message-
From: [EMAIL
Its not because it has a great market 'penetration' in the 'real' world
that it isn't wrong. Not saying it was wrong before...but nowadays...we
know better than DOS, don't we ? Lets not go into the argument NT isn't
DOS etc etc ...please.
So even if the world IT computing economy is standing on
80 matches
Mail list logo