Full Disclosure mailing list archives
Re: Linux - Indicators of compromise
From: Григорий Братислава <musntlive () gmail com>
Date: Wed, 25 Jul 2012 10:04:46 -0400
On Wed, Jul 25, 2012 at 7:04 AM, Giles Coochey <giles () coochey net> wrote:
On 18/07/2012 13:10, Григорий Братислава wrote:
If you broadcast using a MAC address you are on the same subnet, layer 2. On a wired network I don't really care whether you spoofed your mac address or not, you still registered the mac address on the switch, and I can see what port you connected to. Then I just need to follow the cable to find you. In any case, this is an internal intrusion or post-exploitation issue we're talking about, not an external one, assuming the layer-2 environment has a modicum of protection.
MusntLive is now beg of you is to allow me to is join your groupstudy! MusntLive is live on the edge of assumption! In is case of internal/post-exploitation is reality of matter is you will not find me. You can is assume you will but we all is know where assume lead (http://www.youtube.com/watch?v=6hrLj8QEAgI) Is I am on your network, good luck is find me especially in is post exploitation as I am is liable to float around is piggyback from one machine is to the next. You can is assume all you want about port security in is in fact, utterly worthless in post exploitation as is likely I am not even in your physical network. Please is go back to CCNA studies and is stop bastardize is something you know a ''modicum'' of is about. You fail is off jump with word 'assume' So let us is go back to the beginning since you is fail to understand. Pay is close attention for you is not learn this with Lammle. 1) MusntLive is perform remote exploit and is get on your machine 2) MusntLive exploits is "other" machines and send broadcast via spoofing on "OTHER" compromised machines 3) MusntLive is listen for broadcast on any compromised machine You is expect to track me how? Everyone is listen. Is you can go narrow down who is broadcast. Even turn of port! I am is still listen and is will still start again. What is it you is think you will do? Shut down all ports everywhere? Is maybe BCP filter? URPF? Is you think so, you is definitely need lay off Lammle and is read Oppenheimer, Baker, and is too many others you is obviously not ready for. MusntLive like this game. Now you come back and is counter, then I come is back and is counter you to smitheruskis! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Linux - Indicators of compromise, (continued)
- Re: Linux - Indicators of compromise valdis . kletnieks (Jul 16)
- Re: Linux - Indicators of compromise Gary Baribault (Jul 16)
- Re: Linux - Indicators of compromise Benji (Jul 16)
- Re: Linux - Indicators of compromise Giles Coochey (Jul 17)
- Re: Linux - Indicators of compromise Григорий Братислава (Jul 17)
- Re: Linux - Indicators of compromise Giles Coochey (Jul 19)
- Re: Linux - Indicators of compromise Григорий Братислава (Jul 18)
- Message not available
- Re: Linux - Indicators of compromise Григорий Братислава (Jul 18)
- Re: Linux - Indicators of compromise Leutnant Steiner (Jul 20)
- Re: Linux - Indicators of compromise Gary Baribault (Jul 16)
- Re: Linux - Indicators of compromise Giles Coochey (Jul 25)
- Re: Linux - Indicators of compromise Григорий Братислава (Jul 25)
- Re: Linux - Indicators of compromise Scott Solmonson (Jul 26)
- Re: Linux - Indicators of compromise Григорий Братислава (Jul 26)
- Re: Linux - Indicators of compromise valdis . kletnieks (Jul 26)
- Re: Linux - Indicators of compromise Григорий Братислава (Jul 26)
- Re: Linux - Indicators of compromise valdis . kletnieks (Jul 16)
- Re: Linux - Indicators of compromise Scott Solmonson (Jul 28)
- Re: Linux - Indicators of compromise Григорий Братислава (Jul 30)
- Re: Linux - Indicators of compromise jerry (Jul 28)
- Re: Linux - Indicators of compromise coderman (Jul 16)