Vulnerability Development mailing list archives
Re: Disorganization campaign
From: Blue Boar <blueboar () thievco com>
Date: Tue, 26 Feb 2002 14:20:18 -0800 (PST)
On Tue, 26 Feb 2002, Matt Conover wrote:
It appears that there is an intentional effort to give out false and misleading information to confuse people. Consider that in the last two weeks alone, there has been a fake snmp exploit from zen (which he says he didn't send), a fake (or really old) w00w00 exploit, fake TESO cowboy exploit, and several different rumors of vulnerabilities in apache and php. It's hard to know what's accurate and what isn't. In some cases (i.e., the fake zen snmp exploit), it is actually cause harm to the person running the exploit. I think that was the point. It would appear the intention is to confuse hackers and script kiddies so that they cannot tell the difference between what is and isn't real. This will obviously slow efforts in harvesting new exploits, because a hacker or script kiddie would have to sort through which new exploits are and aren't real.
That is clearly the case. We've had fake exploits here in the past, and likely will in the future. Currently, it happens infrequently. As I've said several times in the past, readers of the list must always treat code posted with suspicion. In general, I don't look too hard at code posted here, though I have refused obvious trojans on several occasions. If it gets to an unreasonable level, I'll simply have to examine every bit of code more carefully before I allow it.
this part of the campaign to be somewhat honorable. However, I think another part of the campaign is to make the sources of security information (i.e., BugTraq and Vuln-Dev) untrustable, and that I disagree with.
I'm aware that there is an active campaign to do exactly that by a handful of people. Again, I have blocked some of the attempts in the past, while no doubt some of them have gotten through. The group that I am aware of is collapsing in on itself, much like a defacement group will eventually break apart. It is very much a case of ignore them, and they will go away. I don't want to have any further discussions on the topic here, because that would be feeding the trolls. BB
Current thread:
- Disorganization campaign Matt Conover (Feb 26)
- Re: Disorganization campaign Blue Boar (Feb 26)