Vulnerability Development mailing list archives

Re: Disorganization campaign


From: Blue Boar <blueboar () thievco com>
Date: Tue, 26 Feb 2002 14:20:18 -0800 (PST)

On Tue, 26 Feb 2002, Matt Conover wrote:

> It appears that there is an intentional effort to give out false and
> misleading information to confuse people. Consider that in the last two
> weeks alone, there has been a fake snmp exploit from zen (which he says he
> didn't send), a fake (or really old) w00w00 exploit, fake TESO cowboy
> exploit, and several different rumors of vulnerabilities in apache and
> php. It's hard to know what's accurate and what isn't. In some cases
> (i.e., the fake zen snmp exploit), it actually causes harm to the person
> running the exploit. I think that was the point. It would appear the
> intention is to confuse hackers and script kiddies so that they cannot
> tell the difference between what is and isn't real. This will obviously
> slow efforts in harvesting new exploits, because a hacker or script kiddie
> would have to sort through which new exploits are and aren't real.

That is clearly the case.  We've had fake exploits here in the past, and 
likely will in the future.  Currently, it happens infrequently.  As I've 
said several times in the past, readers of the list must always treat code 
posted with suspicion.  In general, I don't look too hard at code posted 
here, though I have refused obvious trojans on several occasions.  If it 
gets to an unreasonable level, I'll simply have to examine every bit of 
code more carefully before I allow it.  

> this part of the campaign to be somewhat honorable. However, I think
> another part of the campaign is to make the sources of security
> information (i.e., BugTraq and Vuln-Dev) untrustable, and that I disagree
> with.

I'm aware that there is an active campaign to do exactly that by a handful 
of people.  Again, I have blocked some of the attempts in the past, while 
no doubt some of them have gotten through.  

The group that I am aware of is collapsing in on itself, much like a 
defacement group will eventually break apart.  It is very much a case of 
ignore them, and they will go away.  I don't want to have any further 
discussions on the topic here, because that would be feeding the trolls.

                                        BB

